Recent data from AT&T highlights the extremely high levels of vulnerability inherent in the working practices of many of us. They quizzed 3,000 workers from Germany and the UK to understand how their working habits had changed as a result of the Covid pandemic, and the remote working that it has precipitated.
The findings were stark, with 54% saying that they regularly used their work devices for personal reasons, with connecting it to various smart home devices particularly common, whether it’s to voice assistants, fitness monitors, or smart kitchen appliances.
While the data also suggests that many workers are aware of the cybersecurity risks posed by remote working, this doesn’t appear to be translating into changes in behavior.
For instance, the survey found that 55% of people had been targeted by a cyberattack while working remotely, with around a third arguing that their employer isn’t doing enough to protect them.
Despite this awareness, however, around two-thirds of respondents said that they find practicing good digital hygiene difficult, due in large part to a lack of training on just what that means and how it can be realistically achieved.
“The lines between our professional and personal lives are blurring and that includes our online behaviors. It’s clear that businesses can only protect their networks by mitigating for those behaviors,” AT&T says. “Cybercriminals are launching cyberattacks at the most vulnerable point – the remote worker. Businesses who initially compromised on cybersecurity to speed up the transition to homeworking are taking a tremendous risk. They must address cyber risks now to provide for business continuity and help protect their workforce and business for the future.”
A new initiative from the online learning platform Udacity may help to plug some of the gaps identified, especially in terms of providing cost-effective education to employees. The company is launching a School of Cybersecurity to address the growing skills gap in cybersecurity.
The courses contain a mixture of instructor-led sessions and real-world scenarios to try and provide students with the resources and practical expertise required to ensure they’re able to operate securely and keep their data secure in an era where the threat landscape is rapidly expanding for all organizations.
Aside from the evident need to upskill the wider working population, the (ISC)², who provide a global membership role for the security industry, estimated a few years ago that around half a million new cybersecurity professionals would be needed in the United States alone. In other words, they believed that the total cybersecurity workforce needed to grow by 145% if it was to provide adequate security for organizations. It’s a figure that has probably grown in recent years as more of our life is conducted virtually.
Closing the gap
The School of Cybersecurity will initially offer four Nanodegree programs with the aim of addressing this shortage. They offer a range of courses, each of which can be completed within four months. At the introductory level is the Introduction to Cybersecurity, which aims to provide students with the skills required to embark on a career in cybersecurity.
"In this program, you will learn how to evaluate, maintain, and monitor the security of computer systems,"Udacity says.
"You’ll also learn how to assess threats, respond to incidents, and implement security controls to reduce risk and meet security compliance goals."
This follows two more courses, for Security Engineers and Security Analysts respectively, at the intermediate level, before an interesting course on Ethical Hacking that is branded as being at the expert level.
"You’ll master the skills necessary to become a successful Ethical Hacker," Udacity says. "Learn how to find and exploit vulnerabilities and weaknesses in various systems, design and execute a penetration testing plan, and report on test findings using valid evidence."
The company says that they created the course on ethical hacking as it’s a discipline that is increasingly being used by organizations as they want their security teams to be fully versed in the ways attackers will use to try and compromise systems and exploit vulnerabilities.
Online platforms, such as Udacity, are eminently scalable and can offer programs globally, which they believe will not only help to address the skills gap across the sector but also address some of the diversity issues that they argue blight attempts to thwart hackers.
“As COVID-19 pushed more organizations to embrace remote work and digital workstreams, vulnerability to breaches has grown materially, which in turn increased the demand for hiring hard-to-find cybersecurity professionals,” said Gabe Dalporto, CEO, Udacity. “The hands-on curriculum Udacity offers is critical in building job-ready skills in the red-hot field of cybersecurity which has seen a 94% increase in job postings* in the past 5 years and has an average annual salary of $135,000**."