Social Engineering and Behavior Skills
"More and more, we see technical attacks that are used to gather information that is, in turn, used to perform a social engineering attack against an organization to get employees to inadvertently give up credentials or otherwise provide access to the attacker," said Wenzler. As ransomware, phishing emails, false login sites and more continue to be used more frequently, there is a need for security professionals who understand the human side of these exploits. Wenzler added that the ability to recognize behavior patterns in social engineering will be needed by organizations in order to create stronger training programs, better policies and procedures for staff to follow, and ways to empower their staff to perform their day-to-day tasks in a more secure manner.
7 Top Skills for Security Pros
Just as the security landscape is ever changing, so are the skills that security professionals need to keep up. In a study conducted by Sungard Availability Services, IT decision makers revealed the security skills that are lacking in many organizations, including:
• Experience developing security infrastructure and setting up security policy management, monitoring and alerting systems
• Ability to identify incoming security threats
• Background in security systems including the network layer, system layer and application layer
• Familiarity with implementing security controls around enterprise data and experience with enterprise security, identity management and federation systems
Sungard AS’ Global CSO Shawn Burke added, "While it depends on the organization the security resource will work for, people with application/software development skills are in high demand throughout the industry."
Here are seven other security skills needed in IT departments, some of which may surprise you.
