In the absence of skilled information technology (IT) specialists to support key cybersecurity measures and efforts, merchants may need to established stronger ties with third-party service providers. For example, a card processing software provider that is independently certified to follow the standards established by the Payment Card Industry Security Standards Council (PCI SSC) offers merchants assurances that their credit card processing system meets security requirements.
In a recent interview with Information Security Media Group, publisher of BankInfoSecurity, Alan Paller classified the shortage of skilled IT workers as a “quality, not quantity” crisis. Paller is the founder of The SANS Institute, a research and education foundation for professionals in the security industry.
He provided the example of the U.S. Department of Defense’s recent attempts to hire up to 4,000 new security professionals to its Cyber Command, a significant challenge not only because the sheer number of professionals required, but also because the need to hire highly trained individuals.
Paller suggested that more technical professionals need to understand the lucrative opportunities available to the talented cybersecurity experts who fix complex data breaches.
However, the issues Paller describes are more of an industry wide struggle – individual merchants who require skilled technicians on staff to support their e-commerce or brick-and-mortar operations can’t practically do much to affect the IT skills gap. To resolve their own need for highly trained support, these business ought to reach out to service providers that offer consultation and guidance for specific functions.
The highly sensitive nature of data breach in the payment industry, for instance, requires the type of technical support only proven, dedicated industry professionals can offer. Even for companies with tremendously skilled IT staff, this support cannot be easily replaced.