Comment: Cybersecurity graduates are doubling, but that’s still not going to fix the skills crisis
November 2021 by Ilia Kolochenko, Founder, CEO and Chief Architect @ ImmuniWeb Inc.
European Union members have a collective cybersecurity skills shortage that may be partially addressed by a surge in new graduates – but even that potential solution is not without its problems.
More on the story here: https://www.enisa.europa.eu/news/en...
The comment from Ilia Kolochenko, Founder of ImmuniWeb, and a member of Europol Data Protection Experts Network (bio below):
“I think, the root cause of skills shortage lays in flawed cybersecurity management and strategy. Frequently, skilled cybersecurity professionals are overwhelmed with sudden and continually changing tasks. For instance, DFIR experts can be tasked to finetune mobile MDM solution, while pentesters are doing SIEM log triage. Skilled cloud defenders can spend their days working with on-premises servers and systems. Every week, the pile of new problems becomes even bigger, eventually preventing cyber teams from doing their jobs effectively. In response, organizations usually hire more cybersecurity professionals – to make things even worse as they are fixing a wrong problem.
"Other organizations gradually increase their annual security budgets to acquire more cybersecurity products and services. New technologies, when added into existing infrastructure without a long-term strategy in mind, usually bring more pain than gain: their installation, integration and management is an arduous task when you operate in a multicloud environment connected to obsolete legacy systems hosted on premises, let alone interconnected SaaS systems with your data. For example, you may buy a state-of-the-art WAF, but due to incomplete visibility of your attack surface, it will protect just 80% of your external web applications and APIs. Cybercriminals will undoubtedly find the rest, successfully attack them and breach your company despite doubled security spending. We shall start with strategy, people and process management, not with blindly hiring or spending more.”
Ilia Kolochenko is a Swiss application security expert and entrepreneur. He started his career as a penetration tester and has 15 years of experience in security auditing and digital forensics. After serving in Swiss artillery troops in 2007, Ilia founded his first pentesting and cybersecurity consultancy High-Tech Bridge.
In 2014, Frost & Sullivan named the company a leading service provider in the European pentesting market. Later Ilia invented and built the concept of the ImmuniWeb Platform, which combines the strengths of human intelligence with Machine Learning, and is now entirely dedicated to it.
As a Chief Architect at ImmuniWeb, he leads our data scientists, security analysts and software engineers. Ilia holds a bachelor degree in Computer Science and Mathematics from Webster University, a Master of Legal Studies from Washington University in St. Louis and a Master of Science in Criminal Justice (Cybercrime Investigation) from Boston University.
Currently, Ilia is a Doctoral student (Ph.D. in Cybersecurity Leadership) at Capitol Technology University. Ilia Kolochenko is a member of Europol Data Protection Experts Network (EDEN), a Member of GIAC Advisory Board and a Committee Member at Boston University MET CIC (Cybercrime Investigation & Cybersecurity) Center. Ilia is a certified GIAC GLEG professional (Law of Data Security & Investigations) and a Certified Information Privacy Professional (CIPP/US and CIPP/E) by IAPP.