Overcoming the cybersecurity skills shortage

The Register’s recent article on the cybersecurity skills shortage certainly offers a catchy title, “Hand in your notice – by 2022 there’ll be 350,000 cybersecurity vacancies.” The vacancy estimate comes from an ISC2 report based on a survey of 19,000 cybersecurity professionals. Drivers of this trend include new EU regulations like General Data Protection Regulation (GDPR) as well as a worsening overall threat environment.

But it isn’t just the number of vacancies, it’s what is addressed in the sub-head, that really highlights the problem.

“Demand outstripping supply ahead of GDPR…” it says, followed by, “and, hot damn, those salaries.”

Those salaries, indeed. What’s going on? For anyone working in cybersecurity, it’s certainly not a big news flash that it’s getting harder to find and retain good people. It’s the scale of the trend that continues to startle. Around 21% of the global cybersecurity workforce left their job in the last year. Moving forward, the pure volume of vacancies will be even harder to address, which in turn will continue to inflate salaries.

350,000 cybersecurity vacancies: Good news or bad?

This is good news for skilled cybersecurity professionals. You’ll have your pick of jobs, 39% of which are commanding salaries of at least $110,000. But for employers the news is a little less positive. You’ll have trouble finding qualified candidates to staff your team, and when you do, you’ll be paying a premium for that talent. And even once you get them, an even bigger challenge will be hanging onto them.

So if you can come up with the cash and be diligent on recruiting, you’ll be okay, right? Not necessarily. The high turnover rate is only partly about money. It also has a lot to do with how interesting the work itself can be. If it’s boring and repetitive, that’s a turn off and will likely lead to higher turnover. Good security people value challenges and stimulation. Overly administrative work will push hard-to-replace people out the door.

Staffing opportunities in security automation

The Register article quotes Raj Samani, fellow and chief scientist at McAfee, who is worried that the skills shortage will hit smaller businesses and government agencies even harder than large enterprises. He is optimistic, however, because he believes the automation of basic security processes can help mitigate the impact of the cybersecurity skills shortage.

Security automation is a double solution to the talent shortage. Not only does it reduce the need to hire additional scarce and costly resources, it also frees existing personnel from the drudgery of boring administrative tasks. So how does one best automate security?

Security automation and orchestration vs. the cybersecurity skills shortage

The most effect way to tackle this problem is by deploying security automation and orchestration (SAO). SAO solutions automate routine tasks and orchestrate workflows designed to respond to security incidents or alerts by integrating with each organization’s complete security stack.

For example, if a suspicious binary appears on the network, an SAO solution can automatically check it against known threats. The SAO solution can then initiate a predefined set of tasks to immediately respond to the threat. These might include opening a ticket in JIRA, emailing key stakeholders of the threat, quarantining the infected device, updating the threat database, and so forth.

By automating and orchestrating mundane and repetitive but essential security tasks, SAO solutions help the cybersecurity team perform more efficiently. SAO can save tens of thousands of dollars in FTE-hours every month in incident response and threat detection work. Analysts can let automation take care of routine tasks while leveraging details collected and centralized by the SAO to take action where needed.

SAO helps heal the pain of the cybersecurity skill shortage:

  • Automation lowers your required security headcount. With fewer positions to fill, the skills shortage will have less impact on staffing.
  • SAO documents and implants team members’ collective knowledge about how to respond to various threats into the system, thus mitigating the impact of staff turnover.
  • Morale is higher because team members aren’t overwhelmed with administrative tasks. Their time is instead spent on higher value and more interesting investigations. This increase in job satisfaction significantly lowers turnover.

How Swimlane can help

Swimlane’s Security Automation and Orchestration solution automates security operations for enterprise teams. It delivers centralized security alerts and real-time security orchestration to respond to incidents automatically—at machine speeds. Analysts can automate repetitive tasks using Swimlane in order to manage incidents more efficiently. Benefits include:

  • Automated incident response
  • Increased situational awareness
  • Reduce mean time to resolution (MTTR)
  • Optimized staffing and cost
  • Real time visibility and oversight

Management Dashboard
SAO solutions like Swimlane give cybersecurity team managers the ability to meet the staffing challenge head on. They make the team more productive, improve threat response, and make the work itself more interesting.

To learn more about Swimlane SAO, visit contact us.

*** This is a Security Bloggers Network syndicated blog from Swimlane (en-US) authored by Kevin Broughton. Read the original post at: