Skills Gap Mitigated Using Automation
February 20th, 2017
Talented Cybersecurity Intelligence Analysts are hard to find. As we noted in our “Perfect Analyst” blog post, a good analyst must possess a myriad of qualities and have years of experience to be able to cope with massive amounts of data and act effectively.
This problem is not limited to the cyber intelligence field, however. In fact, it is a huge challenge almost every corporation faces when trying to staff cybersecurity positions.
Let’s take an in-depth look:
It’s hard to find and recruit cybersecurity personnel
Finding and recruiting talented IT security staff members with the right skill sets is a “significant” challenge for fifty-seven percent of organisations.
Employees have basic IT security skills, but specialists are harder to find
According to Cisco, more than six out of ten respondents report that half or fewer of their security staff have the specialised skills and training necessary to address complex security issues. A similar percentage of respondents believe that their employees’ skill sets concerning emerging and evolving threats are less-than adequate.
Retention is a challenge
Once such professionals are recruited, retaining them is not easy. On average, an IT security professional will receive at least one phone call from a recruiter every week.
Employee attrition is high due to mundane tasks
Forty percent of IT security departments spend most of their time on routine system maintenance and update activity, leaving little time for addressing emerging and evolving threats, security vulnerability testing, incident/threat response, and communication with the executive team. This causes employees to leave such positions for more exciting jobs.
In summary, it’s very difficult to recruit skilled IT security personnel, and it's hard to retain them — especially if you let them do repetitive, boring tasks.
How can organisations bridge this ever-widening skills gap?
This crisis is only in its infancy - Cisco’s 2015 Annual Security Report estimated that around one million IT security professional are vacant, and that 4.5 million positions will be vacant in 10 years. So how can organisations cope?
Security-as-a-service has been offered for quite some time, and many organisations have adopted this model to handle their security infrastructure (Firewall, Log Management). Services will evolve to encompass additional aspects of security — such as incident response, intelligence and forensics, allowing companies without the necessary manpower to benefit from greater security.
Technology advancements allow for greater automation than ever before. Many mundane tasks (such as opening and closing tickets, managing IP lists, etc.) can now be completed by orchestration and automation systems, freeing analysts to focus on more important, and interesting, tasks.
Consolidation of systems and sources
Platforms which correlate data from multiple sources and present it to analysts in a concise, context-based manner helps to reduce costs, and also improves the analysts’ efficiency. It requires shorter training (much quicker to learn how to operate one platform than several systems or feeds) and less experience, widening the available pool of recruits and reducing the need for specialists in every position, thus opening more positions to entry-level applicants.
Implement tools that empower analysts
Technologies and tools that enable analysts to do more are empowering on many levels — from operational to psychological. An analyst who can identify an event, investigate and mitigate it while communicating with other teams and management, is far more motivated to maintain their position than an analyst who simply “feeds the machine” with M2M intelligence feeds or reads and compiles intelligence reports which no one will read.
At IntSights we have the most talented employees at our disposal, but we recognise that this is not the case throughout the industry. That’s why we’ve developed an intelligence system that can be consumed as a service, with a high degree of automation and a set of tools that empower analysts to do more, to do better and ultimately, to have a greater effect on the organisation’s overall security.
For more information about our product, please contact [email protected]
Stay up to Date!
Subscribe to the blog to stay up to date with all the latest industry news and updates from IntSights.