Kaspersky unveils new training for malware analysts as lack of expertise becomes main reason to outsource IT security
More than half (51%) of small and medium-sized businesses (SMBs) and enterprises (41%) [AAR1] cited that meeting compliance requirements and attaining special expertise as ‘as their top reasons [AAR2] [AAR3] for engaging third-party security specialists in 2021 across the META region, according to the Kaspersky annual IT Security Economics report. To help IT security workers reach that highly sought-after professional level, Kaspersky has expanded its online training portfolio with the Advanced Malware Analysis Techniques course for established reverse engineers, incident responders, and digital forensic specialists.
In 2020, businesses were forced to accelerate their digital transformation by months, or even years, resulting in the rapid increase of complex IT infrastructure and related security risks. In combination with the shortage of cybersecurity specialists and a lack of capacity to develop talent internally, this situation has compelled companies to look for external support.
Kaspersky’s global research, conducted among IT business security decision-makers, shows that companies are turning to the outsourcing of certain functions to gain expert help. In 2021, specialists indicated that the efficiency in delivering cybersecurity solutions is another main reason to bring in third-party services. [AAR4] Last year, enterprises mainly outsourced IT security because of the shortage of relevant experience inside my organization (100%), [AAR5] while SMBs mentioned the same reason for the outsourcing IT security (80%).[AAR6]
Reasons for outsourcing IT security functions to MSPs/MSSPs
Improving specialist expertise is also the second main driver of IT security budget expenditure for all sizes of business – almost four in ten (39%) [AAR7] organizations mentioned this factor as the main reason to increase their spending on cybersecurity alongside top management’s desire to improve our defenses (40%),
All of this means that highly-qualified security experts are more in demand today than ever. Those who want to enhance their career must seize the moment to acquire new, rare skills. To help professionals from all over the world take their skills to a new level, Kaspersky has expanded its training portfolio with the new Advanced Malware Analysis Techniques course[AAR8] .
The focus of the course is advanced static analysis. That is because this is the most reliable way to determine the functionality of the code and find actionable artifacts for cybersecurity incidents involving previously unseen malicious code. This allows organizations affected by APTs to define adequate damage assessment and incident response.
The course also heavily features exclusive Kaspersky know-how on decryption automation, decoding and other processing of the samples, which helps not only optimize routine tasks, but preserve a researcher’s work in code.
The training was developed by Igor Kuznetsov, Chief Security Researcher and member of Kaspersky’s revered Global Research and Analysis Team. Igor cherry-picked exercises from his own work on cases like Lazarus, MiniDuke and Carbanak, to cover the most important aspects of static analysis in IDA Pro while also demonstrating unique cornerstone cases that require special treatment.
“During my 20-year career at Kaspersky, I have had a chance to work on many interesting and notorious APT campaigns. The Advanced Malware Analysis Techniques course has assembled this expertise to transfer it to the next generation of IT security professionals. We hope that our experience and the tools that we share will help level up the experience of working with cybersecurity incidents – such as analyzing complicated malware or doing onsite incident response and triaging samples correctly,” comments Igor Kuznetsov, Chief Security Researcher at Kaspersky.
The course contains 60 video lessons and 100 hours of virtual lab time for hands-on learning. Participants will have six months of access to complete the training at a convenient pace.