It’s Not Enough To Have Good Security; You Need Good People Too
-
AuthorNok Nok News
-
Published2 Jun 2022
-
0 commentsJoin Conversation
In recent years there has been a renewed interest in augmenting digital security. The use of biometrics and other forms of passwordless authentication are making great strides in helping end-users maintain a safer, more secure environment.
However, it’s not just the users that are crucial to maintaining a secure digital environment. Experts and other qualified digital security staff are essential, and this is becoming a serious problem in the United States.
Demand Outstrips Supply
The United States is currently estimated to have one million Americans working in the digital security field. However, there are also approximately 600,000 vacancies that require urgent filling, and over 500,000 of those are in the private sector alone. According to Forbes, 45% of companies with digital security teams report shortages that need qualified staff.
This can be viewed as a “seller’s market” for IT staff with security experience. The job demand is real, and companies must put in the work to appeal to security specialists and sway their decision to take a job and stay there. However, with so many shortages, there is already a domino effect at play.
Personnel Shortage Means Incomplete Work
Biometrics can only go so far. While a passwordless authentication system can make huge strides in protecting individual users, it should never be relied on as the sole security mechanism. Human expertise is still required, especially when integrating new security technologies into an existing framework.
This is where the shortage in qualified security personnel is at its most acute. Unless qualified personnel are present to work on systemic authentication issues or enterprise security problems within an organization, holistic solutions will not be delivered. In the realm of digital security, this means that system-wide vulnerabilities may go unaddressed due to a lack of skilled workers and their expertise, which together increase enterprise security risk. A lack of proper security staffing can result in a struggle to maintain compliance, with more vulnerabilities and systemic authentication failures that can slip past undetected.
People Matter to Security And Biometrics
It’s not just enough to want to maintain a secure business; there must be an investment in the people. Larger companies with the proper budgets must be willing to invest in a CISO but, more importantly, must be ready to support the needs of that CISO. If security isn’t working because the security staff isn’t getting the people and tools they need to do their work, it’s no surprise that their efforts fall short. Implementing effective and convenient security measures such as biometrics helps, but that’s only part of a coordinated effort.
If you’re interested in using the FIDO protocol and moving to a passwordless identity and authentication system, read here to learn more.