Getting your Information Security team right

Oct 14, 2015 | 4 min read
Topics: CSO and CISO, Data Breach, Internet Security


Companies are investing in cybersecurity more than ever, yet building a team that effectively monitors threats and manages security incidents remains both critical and difficult. Despite the upward trend in cybersecurity spending across industries and organizations, studies predict a major shortage of skilled security labor over the next decade.

And yet the industry continues to lean towards more manpower. A 2015 security pressures report by Trustwave shows that 84 percent of all polled respondents wanted more staff to cope with their security challenges.

Some of the other striking revelations from the report are as follows:

  • 54% of respondents wanted to double the size of their current information security teams.
  • 30% of respondents wanted to expand their teams by a factor of four or more, showing how under-resourced some teams are.
  • A further 35% said they have partnered with a security provider externally.
  • 43% of the respondents admitted to plans of signing up with a managed security services provider in the future.

The headlines generated by security breaches and hacking incidents have driven up the demand for manpower, but increased staffing alone will be neither adequate nor sustainable; automated security solutions are a necessity.

Simply deploying threat detection tools and security operations center (SOC) solutions that alert security teams to potential attacks has produced a staggering rise in the number of warnings that those teams must review. This, in turn, has driven companies across many industries to hire more security professionals.

The demand for varied talent in cybersecurity

Security teams are becoming broader as well as larger. Organizations now need staff for risk management, an incident response team, a team to manage the existing infrastructure, a device management team, and other roles besides.

The requirements inherent in building a cybersecurity department call for security architects and engineers, as well as security directors. Cryptography experts are essential, as are cyber forensics experts. The ever-evolving malware industry requires its own specialists to keep abreast of the latest threats.

However, there is an evident shortage of skilled personnel in the cybersecurity space. Jobs that require a high degree of skill and experience take months, and sometimes years, to fill. CISO positions usually require applicants to have about 20 to 25 years of work experience, including about 10 to 15 years specifically in cybersecurity. Even entry-level security jobs take about three months to fill, according to a recent study.

Cybersecurity has become a critical part of any major organization, even more so for one that handles large amounts of client and customer data. The reality, however, is that many firms compromised by data breaches in 2014 did not employ a CISO when the breach occurred. Put simply, the cybersecurity specialist and manager is now a sought-after profile for every major organization that takes its security infrastructure seriously.

Case in point: the infamous Sony PlayStation Network hack of 2011 finally prompted Sony to hire its first CISO that same year, after the breach.

Cybersecurity as a job market

It’s important to note that cybersecurity as a degree is only beginning to emerge in universities. Many professionals working in the industry do not hold a specific cybersecurity credential. For a large share of jobs in the industry, even in critical sectors such as banking, employers look for talent with the right aptitude and the necessary skills, and then provide on-the-job training.

The number of job postings in the cybersecurity arena grew a staggering 74 percent from 2007 to 2013, according to this report. That is more than double the growth rate of IT job postings overall. With rising demand and a shrinking supply come higher pay grades.

A CISO can earn as much as $240,000 a year. Across multiple industries, the median pay for CISOs is $131,222 a year, according to recent figures from 2015. Additionally, security engineers earn as much as $128,000 a year, according to this report.

Getting the balance right between manpower, skilled labor and automated security is the foundation of a good information security team.

Ondrej Krehel is the Founder of LIFARS, a global cybersecurity and digital forensics firm founded in 2014 with offices in New York City, Bratislava, London, Geneva, and Hong Kong. Mr. Krehel holds multiple professional designations and certifications, including Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Ethical Hacker (CEH) and Certified Ethical Hacker Instructor (CEI), the last of which he is one of only ten people in the United States to hold. In addition, from 2012 to 2013, Mr. Krehel served as Adjunct Professor at St. John's University, teaching a broad spectrum of cyber security issues and solutions.

Mr. Krehel anchors and directs LIFARS' multi-faceted global team providing tailored cyber and digital security solutions ranging from emergency response, to assessment, to monitoring, to re-architecture, and re-building of multiple systems and networks.

Previously, Mr. Krehel served as the Chief Information Security Officer of Identity Theft 911 LLC from October 2009 until 2013. He has over a decade of network and computer security experience investigating intellectual property theft, massive deletions, defragmentation, anti-money laundering and computer hacking. Mr. Krehel has served as digital forensic examiner in the New York office of Stroz Friedberg, where he led computer security and forensics projects internationally and in the U.S., and was instrumental in detecting, investigating and combating intrusions and data breaches. Mr. Krehel also served as an IT technical security project leader at Loews Corporation, where he implemented technical security solutions, and was responsible for providing the first line of response for all cases involving the compromise of networking equipment, servers and end user machines. He began his career as a computer analyst at the government-owned utility company Slovenske Elektrarne A.S., in Bratislava, Slovakia, where he focused on information security and emergency security incident response for their nuclear, water energy and coal power plants.

Mr. Krehel is a member of the High Technology Crime Investigation Association (HTCIA), the Information Systems Security Certification Consortium (ISC) and the International Council of Electronic Commerce (EC Council). He has an M.S. degree in Mathematical Physics from Comenius University in Bratislava, and an Engineering Diploma from Technical University in Zvolen, Slovakia. He has also completed multiple courses in intrusion and forensics training, including Access Data Boot Camp and Niksun forensics training.

His professional work in cybersecurity and digital forensics has received media attention from CNN, Reuters, CNBC, Forbes, Bloomberg, The Wall Street Journal and The New York Times.

Mr. Krehel has been a speaker at the world's leading cybersecurity events for many years, including RSA in San Francisco, CEIC, HTCIA, RIMS, QuBit Prague and ICS South Africa, and is the author of numerous cyber industry articles.

The opinions expressed in this blog are those of Ondrej Krehel and do not necessarily represent those of IDG Communications, Inc., its parent, subsidiary or affiliated companies.