With a large part of the global population using the Internet for vital aspects of their lives, cyber security has become just as important as physical security.
Online bank accounts’ authentication codes stored on a laptop or desktop computer are the norm, and it’s common for Internet users to hold multiple email accounts. Websites offer increasingly more information and services, lending to a need for more passwords and IDs. All of it leads up to an obvious need to protect private or significant information.
Cyber safeguarding has become that important, as we’ve seen in the latest case of Korea’s information network ― supposedly of one of the world’s best in quality ― being sabotaged for several days at the hands of hackers.
However, while the need for better information security is rising, the number of professionals or experts who are capable of dealing with potential crises and just managing our day-to-day Internet operations are woefully short.
“Cyber attack is one of the biggest threat of our time and is also closely related to national security and ultimately, national competitiveness,” said Lee Yun-soo, academy director at the Korea Internet and Security Agency.
“There is definitely a need to nurture information security professionals as a countermeasure to what we call cyber terrorism and to protect our economy.”
Last year, Korea Internet Security Agency figures showed that there were about 9,244 individuals working for information security. This year, the workforce will be increased by about 363, but this falls short of the estimated 2,000-plus experts who will be needed.
The figures suggest that by 2017, more than 3,500 new experts will be required for information security, but the demand is unlikely to be met.
The biggest reason is because it takes time to nurture such professionals, says Lee Se-young, a spokeswoman for SK Infosec, an SK affiliate devoted to information security.
“It takes long periods of time to breed experts of high caliber, but our society seems to be growing and changing too fast for the training to keep up,” Lee said.
The government has not been helping, as it has reduced information security-related funding to 52.7 billion won last year, down from the 76.9 billion won in 2010.
Another problem that has led to risks such as the latest hacking on financial companies and broadcasters is that cyber-crime-fighting offices are dispersed all across the government, including the National Intelligence Service, the Defense Ministry and the National Policy Agency.
The lack of a unified conduit makes crime fighting more difficult, industry watchers say.
Hord Tipton, executive director of the International Information Systems Security Certification Consortium recognized these shortfalls.
“Now, more than ever before, we’re seeing an economic ripple effect occurring across the globe as a result of the dire shortage of qualified information security professionals,” said Tipton.
The consortium is a nonprofit agency focused on educating and certifying information security professionals.
According to this year’s Global Information Security Workforce Study, a forum convening more than 10,000 security personnel around the world, 56 percent of the participants responded that hacking was their biggest concern, followed by cyber terrorism with 44 percent and hacktivism ― indicating the use of computers and networks to promote political agendas ― with 43 percent.
Another meaningful figure was that more than half of the respondents felt their company or organization lacked security personnel.
The majority also felt that organizations were incapable of recovering from cyber espionage or other forms of crime because they lacked the necessary personnel.
The Bring Your Own Device trend, consisting of people taking their own devices such as laptops to work at the office, was another risk to cyber security, along with social networking services, which opens up people’s lives to everyone around them, possibly including those with ulterior motives.
By Kim Ji-hyun (
jemmie@heraldcorp.com)