If you had told me 20 years ago that today Id be charged with making sure that grocery stores remain stocked, public transportation schedules are running, and gas pumps are full, Id be very confused as to what line of work I ended up in.
All those years ago, I had the same job I do today, as a digital forensic and cybersecurity incident responder. Back then, I focused on keeping corporate and consumer data from falling into bad actors hands. Concerns for physical implications were non-existent. Today, theres a common trait connecting these seemingly disparate experiences to each other: they all rely on (digital and physical) network connections to operate. And those networks are under attack from the same cybercriminals that were stealing credit card data 20 years ago.
The stakes have changed drastically when it comes to cyberattacks. Ive fended off thousands of cyberattacks over the years, from my service in the United States Air Force to defending clients of telecommunication giants and now leading and training the next generation of cyber frontline respondersand Im telling you that change has and will continue to impact us all, potentially at a scale we cant comprehend.
The physical and digital worlds are merging, and cyber threats are now crossing over into the real world. Its no longer just about keeping data from falling into the wrong hands or credit card data being stolen. Cyberattacks today are engineered to achieve physical disruption and operational downtime, usually targeting the worlds critical services: The FBI revealed that in 2021, 14 of 16 critical infrastructure sectors were attacked with ransomware.
Its happening before our eyes, it just hasnt hit us yet. In 2022, a ransomware attack resulted in interrupting services at hundreds of gas stations in Germany. The U.K. recently thwarted an attack on its transportation links. Cyber has grown into a staple tool used during warfare, although we have yet to see its full extent materialize.
As threats evolve, so is whats being asked of those defending against them. Today failing to hold the line against cyberattacks can have a material impact on the economy and access to essential day-to-day services for citizens.
But thats not the only thing at stake
As cyber incidents quickly multiply, whats worrisome is that the men and women with the skills to defend against them are still in very short supply worldwide. A recent global study found that its common for 68% of incident responders to have to defend against two or more attacks simultaneously. Inevitably, many businesses are left without manpower in the face of a cyber crisis.
Simply put, incident responders are outnumbered.
Even so, they are still showing up, often overwhelmed, pushing through a considerable mental strain according to the data. In fact, disruptive attacks like ransomware have exacerbated the pressure and psychological demands of cyber frontline responders. Many are seeking out mental health assistance because of the very nature of responding to cyberattacks.
The world is becoming increasingly reliant on these teams, even if its still largely unaware of their importance. However, if we do not take measures today to support them as well as create a talent funnel that can meet tomorrows inevitably larger cyber needs, we will find ourselves unprepared to defend the new digital front line.
We must recognize the nature of incident response as an emergency service for digital intersections and acknowledge the immense pressure and high stress scenarios cyber responders are constantly up against. While we see their sense of service overriding these challenges, businessesand the cybersecurity industry itselfmust put in place sustainable support structures to avoid incident response burnout. That starts with considering incident responders andthe challenges they facewhen preparing for cyberattacks, and planning around those resources and conditions.
Governments and private industry must invest more in educating the public about the material and direct importance of cybersecurity, as well as the critical mission of incident responders. To build up the next generation of cyber frontline defenders, people must know this career path even exists. Were beginning to see more dedicated efforts to help people envision themselves in cyber, like DHS CISAs See yourself in cyber initiative. This must be a collective undertaking that couples education on the diverse disciplines within the field with pathways to cybersecurity training. For example, IBM is collaborating with 20 Historically Black Colleges and Universities to help them establish Cybersecurity Leadership Centers.
Whether theyre kicking cybercriminals off networks behind screens, pulling out plugs in server rooms to stop an uncontrollable spread of attacks, or strategizing in war rooms, incident responders are silently defending our modern way of lifeday in and day out. The question is, are we doing enough to support them?
Laurance Dine is the global lead of incident response at IBM X-Force.
The opinions expressed in Fortune.com commentary pieces are solely the views of their authors and do not necessarily reflect the opinions and beliefs of Fortune.
More must-read commentary published by Fortune:
Sign up for the Fortune Features email list so you dont miss our biggest features, exclusive interviews, and investigations.
