The Need for Employees Who Think Like Hackers – Or Are Hackers
Charlie Sheen references are everywhere. I got an email today with the subject line: Hackers, Duh Winning.
The email came from the Identity Theft Resource Center (ITRC) and it reported:
ITRC has found that hacking accounted for the largest number of breaches in 2011 year-to-date. Almost 37% of breaches between January 1st and April 5th were due to malicious attacks on computer systems. This is more than double the amount of targeted attacks reflected in the 2010 ITRC Breach List (17.1%).
Then I read an article on ZDNet that stated:
The next arms race is on and the governments involved are speeding to amass the expensive weaponry of 21st century battle — hackers.
No one, it seems, has enough and acquiring the cyber-security talent capable to conduct offensive and defensive operations is sending salaries for hackers through the roof, according to recent reports.
Perhaps the way to defeat the problem of hacking is to bring the hackers from the dark side to the right side. But hiring a work force with the right technical skills to understand the way a hacker thinks isn't easy. Again from the ZDNet article:
The most frequently quoted accounts of the shortfall come from Jim Gosler, a veteran cyber-security specialist and former official of the CIA, the National Security Agency and the Department of Energy. In 2008 Gosler estimated that the United States needed between 20,000 and 30,000 technicians with the requisite skills to defend cyberspace. At the time, he said there were about 1,000. Most security experts say the number still holds at about 1,000, a 97 percent shortfall.
When you read articles that talk about the risk to our infrastructure, as well as identities, it isn't hard to understand why it is critical to have the right cyber work force as the first line of defense.