Nearly 2 BILLION records were stolen or lost globally in the first six months of 2017, according to security firm Gemalto. The US is still reeling from the Equifax data breach that affected 143 million users this summer, and the latest announcement from Yahoo that 3 billion accounts, AKA every single account owner, was accessed by their 2013 data breach, not the 1 billion number previously reported. Clearly, highly sophisticated cyberattacks are on the rise. To protect the most valuable assets at your Tech business, it’s critical to prioritize hiring the most valuable cybersecurity roles now, so you minimize the impact of the seemingly inevitable cyberattacks on your company.

“The question is not whether or not you’re going to be hacked, but are you ready? Are you going to be able to very quickly make decisions about what to do next,” Heather Adkins, Google’s Information Security Manager, told audiences at TechCrunch Disrupt SF.

The Hard Truth of Cybersecurity

According to Adkins, the likelihood of Tech companies becoming a cyberattack victim is not just high, it’s inevitable. 2017 has been a banner year for cyberattacks. With the global impact of the WannaCry and Adylkuzz cyberattacks, among many others, it’s impossible to ignore the overwhelming probability that your Tech company will be the target of a data breach in coming years.

While it may seem doomsday-esque, Adkins is an expert worth listening to, in part because the last hack massive, Tech giant Google experienced was in 2009. With more than 1 billion users in their Gmail system, it’s not a bad idea to take a page out of the Tech giant’s rulebook when it comes to protecting against and resolving cyberattacks.

The reason a cyberattack is likely inevitable for Tech businesses is because they rely on open-source software. Hackers exploit the use of this technology to find zero-day vulnerabilities, which are holes or flaws in the software unknown to the vendor, and exploit them to steal sensitive data, like employer’s tax documents, consumer’s personal and credit card information, social security numbers, and more. And an AI cybersecurity solution isn’t the best fix right now due to the high amount of false positives they produce and their inability to actually solve an attack without human assistance.

What does Adkin recommend? “Rather than spending tons and tons of money on technology, put a little bit of money on talent and have them do nothing but patching,” she instructed the TechCrunch Disrupt SF audience. And we couldn’t agree more.

The Most Valuable Cybersecurity Roles to Invest In

Technology will only get you so far. The most valuable cybersecurity roles when it comes to minimizing the impact of a cyberattack are surprisingly affordable. Here’s a look at the two most valuable cybersecurity roles and their average salary ranges to give you an idea of the ROI these when a cyberattack hits.

  • Cybersecurity Engineer. Cybersecurity Engineers are the backbone of your Tech team. These professionals tend to come from a technical background within development with knowledge of Python and Java. They are able to get directly behind the code to identify any vulnerabilities and what patches they can make to minimize performance issues or cybersecurity risks. These are the individuals that protect your business from open-source software hacks. The average salary for an experience Cybersecurity Engineer ranges from $90,000 to $140,000. If you're looking for a more affordable Junior-level role to focus purely on patching, then hire Jr. Cybersecurity Engineers with average salaries ranging between $70,000 and $120,000.
  • Incident Responder. Rounding out the two most valuable cybersecurity roles is the Incident Responder. Hiring for this role ties back to Adkins' statement asking what your plan is once you've been hacked. These individuals' responsibilities mirror that of police officers in the sense that they are the first ones on the scene of the attack. Professionals in this role investigate the hack, identify the cause or entry point of the cyberattack, and provide immediate solutions for how to secure the software, network, or system to prevent a similar attack from happening in the future. Hire Incident Responders to ensure that when you do become a victim of a cyberattack, you have a dedicated team of experts already working to identify and patch all vulnerabilities. The average salary range for this role is between $60,000 and $100,000 based on experience.

Although Adkins could be right and a cyberattack on your Tech business might be inevitable, it doesn’t mean you have to remain defenseless. Hire Cybersecurity Engineers and Incident Responders so, in the event of a cyberattack on your business, the impact to your bottom line and most valuable resources is minimal.

If you lack the cybersecurity talent you need to protect against evolving and ever-present cyberattacks, contact Mondo today. We’ll match you with the most valuable cybersecurity roles available to ensure your online assets are protected.