Cyber security experts assemble!

Sascha Giese, Head Geek™ at SolarWinds, details the critical IT security staff that every public sector organisation should be hiring and training to keep their security up to standard

Just as the Marvel® cinematic universe sees the Avengers come together to defeat evil, so must the business universe (whether focused on the private sector or public sector) assemble an experienced team of security experts to ward off cyber terrorism, hackers, and viruses. These individuals ensure organisations are protected around the clock from internal and external threats to their infrastructure.

But finding a talented and trained team becomes a problem when, according to Cyber Security Ventures, there will be 3.5 million unfilled cyber security jobs worldwide by 2021. A recent SolarWinds® Federal Cybersecurity Survey found insider threats continue to plague government agencies. This in large part owes to the lack of skilled IT and security staff with expertise in evolving and cutting-edge technologies. In this survey, 56 per cent of the surveyed federal government IT leaders considered careless or untrained insiders the most significant threat to their organisations.

To help mitigate the shortage of experienced public sector professionals, the government’s National Cyber Security Centre – which provides advice and support to the public and private sector to help them avoid computer security threats – supports several learning initiatives, certifying security professionals and their services for use by the public sector.

While this is certainly a move in the right direction, organisations today face the immediate need to hire and train a team of experts who are knowledgeable in the latest technologies and solutions to protect their infrastructure from attack.

So who should the key experts on your security/IT staff list be?

Database Administrators
With more and more databases migrating to cloud-based environments needing to be properly secured and encrypted, the role of the database administrator is more complex than ever.
In a world driven by data, it’s vital for public sector organisations to hire individuals who understand not just how to properly maintain and optimise a database – to ensure the end-user experience isn’t impacted – but how to properly secure one.

If an organisation like the HM Revenue & Customs authority is building an in-house application or website leveraging a database, for example, the administrator must ensure the database is working adequately, it’s working at optimal performance levels, and personal data is being properly stored and encrypted.

Cloud Computing Engineers
It’s characteristic of big players such as Google, Amazon, and Microsoft to launch new cloud services and applications each year. While these new technologies can help improve the end-user experience and speed up organisational efficiencies, the potential for black hats to exploit cloud environments has increased exponentially.

In an internal environment, organisations typically can ensure their data is secure if their database is locked down. In a cloud environment, it’s entirely another issue, as the potential attack area is larger. Daily innovation in the cloud space also makes it next to impossible to find experienced professionals trained in the latest cloud technologies and services. As a result, government IT leaders need to identify experienced cyber security professionals with cloud expertise and find technology solutions to help identify areas of insecurity.

Cyber Security Experts
Most importantly, organisations need to have experienced cyber security engineers committed to defending their infrastructure 24/7.

An organisation’s cyber security professionals not only should manage their daily duties—such as protecting firewalls from intrusions—but work closely with their agency’s database administrators, cloud computing engineers, and other IT/security professionals to ensure the rollout of new cyber security technologies doesn’t leave the digital infrastructure open to exploitation. This role makes them possibly the most vital members of the security team, but they can only do their job well if all employees pull together in a consolidated effort.

Faced with a triage of changing technologies, constant cyber threats, and a shortage of skilled IT security experts, public sector organisations need to come together with a common goal: to properly train an experienced team of database administrators, cloud computing engineers, and cyber security experts to collectively protect their infrastructure from threats, inside and out. Only by doing so will organisations become properly secured and run efficiently, now and in the years to come.