Blog

Top Two Ways to Address the Cybersecurity Skills Gap

May-2019 6 min to read

There’s a looming threat that the cybersecurity community has been battling to overcome for years – and now it appears that we’re reaching a tipping point. Surprisingly, it isn’t some new attack, malware campaign or vulnerability, but rather the acute shortage of cybersecurity professionals.
And this isn’t just a regional trend! In fact, we can expect a global shortfall of 3.5 million cybersecurity jobs by 2021 according to Cybersecurity Ventures.
To some extent, the shortage in cybersecurity skills is actually impacting organizations’ ability to leverage the benefits of digital transformation, because one thing is sure: as you transform, your requirements for protecting your IT services will grow and the risks will also increase – not just from a cybersecurity perspective, but also from the context of the actual existence of the organization.
While it is encouraging to see that both government and private sector organizations are doing their best to foster the cyber talent of tomorrow through initiatives such as 1 Million Arab Coders, and internship programs, the resource shortage is unlikely to go away any time soon.
This means that organizations must look at the most efficient ways they can address this pressing challenge.
Automation (alone) Isn’t the Answer
In our day and age, I don’t think I have heard about any technology which has as many hopes stringed to it than AI and Machine Learning (ML).
In cybersecurity it is no different; and AI and ML will definitely deliver some of the answers to the shortcomings brought about by the skills gap. But they are no silver bullet!
Organizations must instead look at these technologies as tools that humans can leverage to supplement their cybersecurity teams, and to work smarter and do fewer repetitive tasks. A good example of this is Security Orchestration and Automation (SOAR), which is one of the big buzzwords of late. It offers easy, flexible and smart integrations of systems, making it possible for an event to be followed up by a number of automatic actions.
This is all great, but what IT teams maybe sometimes forget with these technologies is that for them to be successful, process, governance and structure need to always be in place. You may benefit from some of the best practices, but in order for it to add real value, you need to understand what you want to achieve and where exactly the solutions make sense.
SOAR really gives the greatest benefits to organizations with mature incident response procedures, where it is possible to identify technical processes that can be easily automated.
It also means that SOAR does not replace investments in other areas, but merely augments them; so, you won’t get away from continuing to engage cybersecurity professionals- whether in the capacity of in-house members or outsourced Managed Security Services (MSS) teams.
Optimizing Cyber Defenses
When skilled resources are scarce, the last thing organizations can afford to do is to allocate already over-stretched cybersecurity professionals to tasks that don’t maximize the impact of their efforts.
In the cybersecurity realm, I’ve often noticed that too many organizations invest in the very best security solutions yet fall victim to attacks that these solutions should have prevented. The underlying reason in many such instances is that the implementation of the platform was not done correctly; or possibly, post-implementation, management of the platform did not adopt the advanced features the platform offers.
As clients evaluate new security technologies, they should also evaluate – with an equal amount of attention – the implementation partner. We often face situations wherein we have to compete with peers in the industry who do not have the required skills or do not calculate the correct effort required to implement a solution. Customers may think that they get a better deal by paying less, but actually, the value of the solution is degraded if the implementation does not get the attention the solution requires.
The next thing which I think is not happening enough is testing whether the implemented solution actually does what it was set out to do. Endpoint security is probably the best example as most vendors tell a similar story with small variations of the story-line and capabilities. However, when put under the critical inspection of a pen tester, who performs the same attacks as any malicious attacker would do, you will see exactly how good or bad the technology and implementation is. Very often you will actually figure out that to prevent some of the most common attacks, you do not need to invest in technology but simply make minor tweaks to the configuration of your systems.
What proper pen tests also allow you to do is to identify the glaring holes, which your infrastructure and solutions may have – simply put, these allow your security teams to work with laser focus on making your systems better and risks smaller.
Finally, let me highlight that a proper penetration test is not some tool to be run on a weekly basis. Rather it implies engaging with experts who think and act as attackers, but instead of encrypting your systems with ransomware and dumping your critical databases, they tell you about it and also explain you how you can fix it – let me know if you want me to introduce you to such people, I know them as I sit right next to them in the Help AG office.
Luckily, in the world of cybersecurity, the wheels are constantly in motion and great technological advances are being continually made. However, let’s not forget that all technologies take some time to become safe: airplanes took around six decades before they were ready for commercial use, and cars took close to a century before simple accidents were not fatal. The Internet and IT is no different, but the stakes are much higher because you cannot exactly choose if you use IT or not. It is all part of how our life works, from buying our coffee at Starbucks, or hailing our cab in the street, to communicating across networks. There is no technology paradigm which has impacted the world more the Internet and connected computing – securing it will allow us to maximize its benefits.
Engaging the Experts
For organizations already struggling with a cyber talent shortfall, an effective and cost-efficient fix is to leverage Managed Security Services. This involves outsourcing challenging and labor-intensive IT management tasks to qualified teams of experts who monitor their customers’ IT environments 24x7x365. At Help AG, we have seen the demand for these services soar, especially in the last two years, as organizations have become more comfortable with the idea of outsourcing key security tasks. Personally, I believe that this is in the recognition by clients that a proper cybersecurity response requires immense resources, process as well as a core focus on security to stay on top. When I see the engagement between our ethical hackers, analysts and implementation consultants, it is clear to me that having all skills under the same roof is imperative.
So, if your organization is facing a cybersecurity skills shortage and is keen to evaluate the most effective way to strengthen your defenses, don’t hesitate to get in touch with Help AG. Whether it’s enabling you to optimize your existing investments, uncover the most critical vulnerabilities, implement robust security policies, or deliver 24×7 monitoring and security of your security environment – we’re here to help!