Kaspersky unveils new training for malware analysts as lack of expertise becomes main reason to outsource IT security
November 2021 by Kaspersky
Around half (44%) of small and medium-sized businesses (SMBs) and enterprises (50%) gave ‘the need for special expertise’ as their for engaging third-party security specialists in 2021, according to the Kaspersky annual IT Security Economics report. To help IT security workers reach that highly sought after professional level, Kaspersky has expanded its online training portfolio with the Advanced Malware Analysis Techniques course for established reverse engineers, incident responders, and digital forensic specialists.
In 2020, businesses were forced to accelerate their digital transformation by months, or even years, resulting in the rapid increase of complex IT infrastructure and related security risks. In combination with the shortage of cybersecurity specialists and a lack of capacity to develop talent internally, this situation has compelled companies to look for external support.
Kaspersky’s global research, conducted among IT business security decision-makers, shows that companies are turning to the outsourcing of certain functions to gain expert help. In 2021, specialist expertise has surpassed even financial effectiveness as the main reason to bring in third-party services. Last year, enterprises mainly outsourced IT security because of the added efficiency they provided in delivering security solutions (70%), while SMBs were guided by
Reasons for outsourcing IT security functions to MSPs/MSSPs
Improving specialist expertise is also the second main driver of IT security budget expenditure for all sizes of business – almost four in ten (38%) organisations mentioned this factor as the main reason to increase their spending on cybersecurity.
All of this means that highly-qualified security experts are more in demand today than ever. Those who want to enhance their career must seize the moment to acquire new, rare skills. To help professionals from all over the world take their skills to a new level, Kaspersky has expanded its training portfolio with the new .
The focus of the course is advanced static analysis. That is because this is the most reliable way to determine the functionality of the code and find actionable artifacts for cybersecurity incidents involving previously unseen malicious code. This allows organisations affected by APTs to define adequate damage assessment and incident response.
The course also heavily features exclusive Kaspersky know-how on decryption automation, decoding and other processing of the samples, which helps not only optimise routine tasks, but preserve a researcher’s work in code.
The training was developed by Igor Kuznetsov, Chief Security Researcher and member of Kaspersky’s revered Global Research and Analysis Team. Igor cherry-picked exercises from his own work on cases like Lazarus, MiniDuke and Carbanak, to cover the most important aspects of static analysis in IDA Pro while also demonstrating unique cornerstone cases that require special treatment.
“During my 20-year career at Kaspersky, I have had a chance to work on many interesting and notorious APT campaigns. The Advanced Malware Analysis Techniques course has assembled this expertise to transfer it to the next generation of IT security professionals. We hope that our experience and the tools that we share will help level up the experience of working with cybersecurity incidents – such as analysing complicated malware or doing onsite incident response and triaging samples correctly,” comments Igor Kuznetsov, Chief Security Researcher at Kaspersky.
The course contains 60 video lessons and 100 hours of virtual lab time for hands-on learning. Participants will have six months of access to complete the training at a convenient pace.