Authored article by Rahul Kumar, Country Manager, WinMagic
As the list of organizations falling prey to attackers increases with each passing year, the critical shortage of security experts is both widespread and alarming. It's time institutes prepare students to fuel the current demand. Companies are facing an uphill task in managing risks and threats owing to the paucity of skill, talent and staff, despite their increase in security spending.
Chaos rules when organizations attempt to make do with half-hearted measures that pass as business apathy. These measures have led to increasing workload on existing security staff, who spend most of the time fire-fighting emergency issues rather than proactively preparing the defences. The upshot of such exigent procedures is the rise in cybersecurity incidents.
Late last year, ESG and the Information Systems Security Association (ISSA) undertook research to study the contributing factors behind the constant wave of security events experienced by large and small organizations. Among other things, the survey revealed that negligible training and inadequate staffing were the root cause behind security events. The survey goes further than simply focusing on the jobs deficit; it also highlights the wide-ranging impact that the skills shortage is having on the organization. For instance, the survey respondents identified the following factors behind the increasing number of security events:
• Lack of training for non-technical employees has given rise to increased incidents. People simply do not understand the ramifications involved in opening a rogue attachment, clicking a malicious link, etc.
• Organizations have not sufficiently increased the security team’s strength to keep pace with business growth. In fact, organizations do not spare resources for even routine capacity building within the establishment, such as nurturing talent, etc.
• Management tends to narrowly view security as a compliance issue, a cost centre, and a business exigency. They are overlooking their responsibilities relating to data privacy and security.
• Increased workload and competing priorities continue to relegate the responsibilities of the security team to a lower level.
Skills deficit: The widening gap
Breach detection, threat mitigation, and incident response are only as good as the people tasked with handling them. These are people-intensive processes that depend on advanced skills, planning, and strategy. The top three roles most affected by the skills shortfall include the following:
• Security analysts and investigators, responsible for detecting and responding to security events
• Application security specialists, responsible for addressing all security issues in the development phase of an application
• Cybersecurity professionals, responsible for data privacy and safety in an enterprise’s cloud environment
It is interesting to note how organizations are trying to cope with the crisis at hand. They are offloading more work to the security pros, overwhelming them with new compliance details and checkpoints. Organizations are also finding it prudent to outsource certain security functions, such as risk assessment and mitigation, network monitoring and access management. The skills shortage has forced some organizations to train their junior staff wholesale, although this may not always be a productive effort considering the need at hand. As for the cyber teams, they are pushed to spend a disproportionate amount of time on high-priority issues and incident response. In what is perceived as an example of business apathy, crucial tasks such as planning, strategy, or training take a back seat. Moreover, businesses have not been forthcoming with proactive measures to improve cybersecurity, streamline operations, or mitigate risk. More importance is given to responding to risks than to proactively setting up the defence mechanism.
Addressing the shortfall
As the skills shortage only exacerbates the data security-business gap, organizations must align cybersecurity with business processes and work collaboratively with the security team. In the face of lacking resources, many CISOs are following the advice of leading security vendors and addressing cybersecurity requirements through measures that alleviate these pressures. These measures include:
1. Reducing the attack surface by using advanced technologies that support micro-segmentation, identity-based access controls, threat intelligence gateways, encryption, and secure DNS services
2. Automating processes such as data collection, event lifecycle management, and process workflow, after assessing the current requirements
3. Investigating, evaluating, and deploying security solutions based on artificial intelligence (AI) so that threat detection can be seamless
4. Constantly assessing the skill level of staff, and expeditiously training them to meet the new security demands
5. Leveraging managed service and SaaS providers to address specific requirements that are beyond the capability of their organization
According to one estimate, total global cybersecurity spending will be more than $100 billion over the next four to five years. The past couple of years witnessed massive security breaches the world over; even the most secure of establishments had to bear the ignominy of losing data. Things are getting a lot more complicated with the enforcement of stringent regulations; EU GDPR is here to stay and so are the many other conventions of different industries, states, and economic blocs. The time is now for organizations to make haste and take remedial action rather than suffer a fate that weighs heavily on cost, business continuity, and organizational reputation.