U.K. Firms hire Hackers and Convicts to Defend their Corporate Networks
In a report released on Monday KPMG said it is increasingly unlikely to find specialized IT Security professionals who can counter the cyber attacks on their corporate networks.
Any professionals that are in the field are targets of aggressive headhunting, KPMG said that the lack of skills is forcing many companies to consider turning to ‘poachers turned game-keepers’ to keep up to speed.
The demand is being driven by an increase in threats and heightened awareness among senior management of the need to defend against attacks. The U.K. government puts the annual cost of cyber crime to the economy at some £27 billion per year ($42 billion).
KPMG surveyed 300 senior IT and HR professionals in organizations employing 500-plus staff in the U.K.
53 percent of respondents say they would consider using a hacker to bring “inside information” to their security teams.
It might seem like an odd concept at the outset — the idea of hiring convicted hackers as well as the white hat variety to bolster cyber security teams responsible for keeping sensitive corporate data from intruders. However, when there is a severe lack of skilled staff to plug the gap made worse by increasing rates of cyber crime, desperate times, desperate measures.
When you live in a world where hackers break into corporate networks for the "lulz" and teenagers merrily wander through Microsoft and the US military's networks to pinch programs and unreleased games for the sake of it, corporations are constantly battling advanced persistent threats and consumers are placed at risk, there's a problem.
Coupled with the skills gaps, it should come as no surprise that those with the talent — whether used unethically in the past or not — are being snapped up by UK corporations.
Recently JP Morgan shared the information of the cyber attack that they faced on their corporate network. Even the highly paid IT Cyber Security was not able to prevent that attack. Even though there is no evidence that Hackers gained the access to the Banks highly sensitive information.
JP Morgan admitted uncovering a cyber attack, but reassured customers that they are not liable for any unauthorized transactions on their accounts. The company has also noted that is hasn't seen any unusual fraud activity related to the breach.
Read Full Article on ZDNET
Any professionals that are in the field are targets of aggressive headhunting, KPMG said that the lack of skills is forcing many companies to consider turning to ‘poachers turned game-keepers’ to keep up to speed.
The demand is being driven by an increase in threats and heightened awareness among senior management of the need to defend against attacks. The U.K. government puts the annual cost of cyber crime to the economy at some £27 billion per year ($42 billion).
KPMG surveyed 300 senior IT and HR professionals in organizations employing 500-plus staff in the U.K.
53 percent of respondents say they would consider using a hacker to bring “inside information” to their security teams.
It might seem like an odd concept at the outset — the idea of hiring convicted hackers as well as the white hat variety to bolster cyber security teams responsible for keeping sensitive corporate data from intruders. However, when there is a severe lack of skilled staff to plug the gap made worse by increasing rates of cyber crime, desperate times, desperate measures.
When you live in a world where hackers break into corporate networks for the "lulz" and teenagers merrily wander through Microsoft and the US military's networks to pinch programs and unreleased games for the sake of it, corporations are constantly battling advanced persistent threats and consumers are placed at risk, there's a problem.
Coupled with the skills gaps, it should come as no surprise that those with the talent — whether used unethically in the past or not — are being snapped up by UK corporations.
JP Morgan admitted uncovering a cyber attack, but reassured customers that they are not liable for any unauthorized transactions on their accounts. The company has also noted that is hasn't seen any unusual fraud activity related to the breach.
Read Full Article on ZDNET