Cyber security is a major challenge for many companies. According to Mats Wernolf at Softronic, increased reliance on technical solutions combined with a lack of expertise in the field is a growing problem. “Without knowledge and understanding, it’s easy to fall victim to the security industry,” he says.
The skills shortage in IT is well known, and it is also a major challenge in cyber security. Linda Nyberg, Business Unit Manager Cyber Security at Softronic, points out that the demand for experienced experts is enormous.
– This drives up wages and creates a gap between market demand and the skills available – many graduates find it difficult to get their foot in the door and start working. They want experience and specialized knowledge, which makes companies hesitate to hire and instead look for other options,” she says.
Technology can protect the wrong parts
Mats Wernolf, Senior Security Architect, explains that cybersecurity is a broad area that requires not only technical expertise, but also an understanding of regulatory requirements and the ability to conduct relevant risk analyses.
– Without knowledge of how your business needs to be protected, it’s easy to fall victim to the security industry’s marketing. ‘All-in-one’ solutions can provide a false sense of security if you don’t understand the risks and threats to your business.
He points out that the NIS2 flag has created a worrying trend where technology is used to meet regulations rather than to strengthen real security. If security systems actually solved the problems they promised, today’s security challenges would no longer be a problem, he says.
– It must be understood that it is processes, procedures and human skills that create security, not the technology itself. Failure to set the right requirements in procurement can lead to companies buying solutions they don’t understand and which turn out to protect the wrong parts of their business.
Security work is a marathon
Ms. Nyberg stresses that the long-term solution lies in creating a culture where cybersecurity is an integral part of the business. She says that security should not be a one-off project, but an ongoing process that requires persistence and continuous follow-up.
– Cybersecurity is a marathon in which companies and management teams need to be resilient and think long-term. Technology should make it easier, but it takes human expertise to identify and fix security gaps. By working with a partner who listens to you and your needs, understands the market, risks and threats, companies can create a secure, sustainable and business-aligned cybersecurity strategy,” she concludes.
Original article published for DI.se
