There is a shortage of personnel on the labor market who will be able to perform specialized tasks within the structures of the national cybersecurity system - experts in law and cybersecurity believe.
In an interview with the agency, the professor referred to the draft amendment to the law on the national cyber security system. The new regulations provide, among other things, that operators will have to remove devices and equipment from the network from suppliers recognized by the Cyber Security College as high-risk companies. They also provide that electronic communication entrepreneurs will become part of the national cyber security system.
The professor referred to the planned changes, which provide for the creation of new specialized organizational units responsible for cyber security. These will include - in addition to the already existing CSIRT Gov., CSIRT MON and CSIRT NASK - obligatorily created sector security teams (sector CSIRTs) and CSIRT Telco or operational security centers (SOCs) at key service providers, as well as expert centers for the exchange and analysis of information on vulnerabilities, threats and incidents (ISAC). Two groups of entities will be included in the system: electronic communication entrepreneurs and universities.
On the sidelines of the 12th scientific conference "Security in the Internet" held in the UKSW, which this year's theme is "Cyber-pandemic", that the market "lacks staff who could perform specialized tasks in the structures of the national cyber security system".
"Firstly, it is necessary to adapt the structure of student education to the new requirements, and secondly, there is a need to quickly train already employed people. It is possible, for example, to prepare relatively quickly for the new responsibilities of persons who have previously studied in the field of personal data protection and classified information or information security management". - she said.
The professor pointed out that nowadays we observe an increasing intensity of activity of cyber criminals on the Internet, who prey on human tragedies and economic problems related to the coronavirus.
"We need to react quickly and adapt the staff to new challenges and needs. Man is the weakest link in the system, and every system is as strong as its weakest link". - she stressed.
Professor pointed out that the challenges will concern both the private sector and public administration. "Therefore, as a result of the work of the Sectoral Council for Telecommunications and Cyber Security Competence, we have recommended solutions to the needs of cyberbatching training and mobilization of resources to take greater care of such staff. This care must be different depending on whether it is public or private sector," she explained.
Recalling the reports, NIK added that a significant number of public entities today do not fully meet the security requirements for electronic public services. Therefore, in her opinion, the new legislation should introduce solutions reminiscent of the qualification, knowledge and experience requirements that data protection officers must meet under the TYPE.
The professor underlines that cursory analyses indicate that after the change of regulations, the number of entities responsible for cyber security will double and will amount to over 20 thousand. This will additionally include an average of 5 thousand electronic communication entrepreneurs and universities for each country.
