Skilled cybersecurity talent is in tight supply. It’s challenging to recruit, hire and retain skilled professionals, and these trends are expected to continue into the near future.
According to the (ISC)² 2022 Cybersecurity Workforce Study, the 2022 global cybersecurity workforce gap stood at 3.4 million people, an increase of 26.2% from 2021. In Australia alone, there were nearly 40,000 unfilled cybersecurity jobs in 2022, an increase of 57.6% over 2021.
Couple this gap with the surge in cyberattacks, and the result is the perfect storm for organisations doing their best to protect their data and assets, including infrastructure and applications.
The threat is real. According to my company’s recent First Half 2023 Threat Analysis Report, the number of malicious web application transactions alone skyrocketed by 500% compared to the first half of 2022.
Yet according to our Application Security in a Multi-Cloud World Report, less than half of organisations indicate they trust their security staff to configure and maintain a strong application security posture across the public cloud platforms they currently use for hosting applications.
Given the shrinking cybersecurity talent pool and surge in cyberattacks, organisations must adjust their approach to managing their cybersecurity programs. To help reduce the reliance and load on internal teams that are already overstressed and understaffed without compromising security programs, organisations should consider the following three strategies.
#1 — Consolidate security tools
One of the most effective and efficient ways for organisations to address the cybersecurity staff shortage is to consolidate their security tools. The mathematics are simple: The fewer tools there are to manage and maintain, the less time and energy is spent switching between systems and management consoles.
As part of the consolidation process, organisations should replace individual tools and defences that provide piecemeal protections with one-stop-shop, best-of-suite solutions that cover a wide range of attacks and threat vectors. And it should all be managed with a single tool that includes a comprehensive reporting dashboard.
Consolidation has several important benefits. It enables security teams to maintain the same level of protection while speeding up processes with centralised management and reporting. In addition, it minimises the time spent on integrating separate products.
Nonetheless, it’s important that consolidating tools doesn’t degrade an organisation’s security posture. Selecting a best-of-suite tool that also delivers best-of-breed security will ensure that cybersecurity protections operate at optimal levels.
#2 — Automate! Automate! Automate!
Another way to reduce the workload on cybersecurity staff is to automate as many processes as possible and replace slow and labour-intensive manual configurations. When it comes to cybersecurity, automation falls into two categories:
- Security: Organisations can automate actual cyber defence activities, such as policy configuration, rule configuration, and signature creation.
- Deployment: Organisations can automate the deployment of cybersecurity mechanisms that don’t interrupt existing business or technical processes.
To defend successfully against attacks that are bigger, more frequent and more sophisticated, organisations must embrace security automation. Any type of manual security process becomes vulnerable to evolving attack patterns and new zero-day threats.
Because neither an evolving attack nor a zero-day attack has a protection signature, both present a particularly difficult problem in today’s staff-constrained world. There simply aren’t enough qualified people with the time and skills to quickly and effectively respond to shifting attacks 24x7x365.
By automating cyber defences, including creating new rules, defining security policies, managing deployment activities and more, organisations can both reduce the direct workload on cybersecurity teams and successfully mitigate attacks. In addition, they can reduce the cascading impact and interruption that incidents create for other teams across the organisation, including DevOps, IT, operations, marketing and others.
#3 — Engage managed security service providers to do the heavy lifting
Managed security service providers offer another resource for addressing today’s shortage of cybersecurity professionals. The idea is to outsource cybersecurity functions to service providers and let their tested and fully managed security services do the heavy lifting.
The term cybersecurity encompasses a massive domain that spans many dedicated sub-domains. Examples include network security (e.g. firewalls, VPNs, secure web gateways), application protection (e.g. web application firewalls, bot protection, DDoS protection), endpoint security (e.g. anti-virus, EDR), email security, public cloud security (e.g. workload protection, CSPM, IAM security), and many, many others.
Each sub-domain is distinct in its scope of protection, attack vectors, threat surfaces and mitigation tools. As the threat landscape becomes more complex, these domains require more dedicated, specialised experts.
It is virtually impossible to find cybersecurity staff who possess the specialised skill sets and expertise required to address each sub-domain and understand all the tools that support them. So, even if an organisation has enough personnel, it may not have the right skills on staff to adequately cover all the bases.
It simply makes sense to outsource certain security functions to experts who perform these activities daily. It’s their sole focus.
Just remember, it’s critically important to ensure that managed security providers have a proven track record and that they are properly staffed and trained. Engaging a managed security service provider can greatly unburden internal cybersecurity teams while simultaneously enhancing an organisation’s level of protection.
To summarise, cybersecurity staff and skill shortages affect organisations worldwide, and few companies are immune. While recruiting and retaining trained experts will undoubtedly remain a challenge in the future, organisations are not without options. Consolidation, automation and outsourcing can go a long way in not only alleviating the strain on security teams but also improving the quality of cybersecurity programs and initiatives.