What are the Biggest Mistakes Security Professionals Make?

Cyberattacks will not let up anytime soon, so businesses need to be prepared with the knowledge and expertise to combat them. Unfortunately, finding the right folks with the right expertise is hard. According to a report from Kaspersky titled “The Portrait of Modern Information Security Professional,” the world is short about 4 million security professionals, and even the existing professionals make grave errors in their first couple of years. Let’s take a look at some of these insights and see what we can learn from them.

Today, we’re focusing on the first part of this report: “Cybersecurity Education Lags as Professionals Struggle On,” which is split into two chapters:

1. “Educational background of current cybersecurity experts”
2. “Initial professional struggles”

We’ll summarize each.

Preparedness for Cybersecurity Tasks

First, the report outlines how well-prepared security professionals are to tackle cybersecurity challenges, and the answer is they are not.

The research indicates that over half of IT security professionals have no postgraduate degrees. Additionally, half of these professionals claim that the theoretical experience earned from degrees earned in college did not benefit them, and even fewer had opportunities for real, hands-on experience. Furthermore, colleges and universities struggle to keep curriculums updated with the rapid industry changes and threat developments. And, of course, this all leads to a general decrease in qualified instructors to teach cybersecurity in the first place.

Entering the Working World

The Kaspersky report also outlines that these professionals struggle to adjust to the working world of cybersecurity.

The research found that many employees were denied positions after the first interview, and some would go for two, three, or even four interviews before securing a position. In fact, it would be uncommon to secure a job before suffering through at least four interviews.

Even after hire, 46% felt that it took them at least one year before finally feeling comfortable in their role, with most identifying this number between one and two years.

Of course, there is a human element to this issue as well. Even the most well-prepared professionals will make mistakes from time to time—especially at the beginning. Most respondents to Kaspersky’s study made mistakes during their first year, with the most common mistakes being failing to update software (43%), weak and guessable passwords (42%), and negligence with timely backups (40%).

These Mistakes Can Be Avoided

The big thing to note about these mistakes is that they are not rocket science; they can easily be handled by trained professionals who have organizational buy-in, solutions in place to automate these tasks, and resources to make it happen.

C3-Solutions can work with your business to ensure it never needs security expertise again. Call us today at (240) 226-7055 to learn more.