How the Security Skills Gap Leads to Data Breaches
What causes network security breaches? The simple answer is “successful cyberattacks.” Still, even advanced threats don’t succeed in a vacuum. They often benefit from the specific characteristics of their targeted environments, similar to how weeds adapt to take advantage of the resources intended for cultivated plants.
In the case of malware, maybe a popular protocol is exploitable. Or perhaps no one is able to perform the necessary baselining, threat hunting and security reporting to keep it in check – it’s like those weeds proliferating in the absence of herbicides.
No One’s Home: How the Cybersecurity Skills Shortage Drives Security Incidents
“The skills gap is a direct cause of security breaches.”
Not having sufficient security personnel is a growing problem for businesses. According to “The Life and Times of Cybersecurity Professionals” survey of 343 respondents by the Information Systems Security Association (ISSA) and ESG, half of respondents reported an incident at their organizations between 2015 and 2017. The cited causes were revealing, since most focused on issues of staffing and skills.
The “skills gap” between the supply and demand of cybersecurity expertise is well-known, with some reports estimating unfilled positions in the millions by 2020. The ISSA/ESG report provided new details on how this shortage doesn’t just lead to overworked employees and hiring difficulties – it’s a direct cause of security breaches, too:
- Over one-fifth (22 percent) said cybersecurity teams were too small for their organizations; 18 percent said they couldn’t keep up with their workloads. The 2018 State of IT report from Spiceworks corroborated these trends and found more companies planning no changes to staff than firms adding new hires.
- 31 percent reported insufficient training of nontechnical employees. Experienced cybersecurity workers must lead by example and educate others to discourage risky behaviors such as recycling passwords, clicking mysterious email attachments and paying ransomware fines.
- Twenty percent also said their executive and business teams don’t prioritize cybersecurity, risking underinvestment in both technical employees and modern security operations centers (SOCs) that go beyond perimeter security.
In other words, less is definitely not more when it comes to network security. With no one home in the SOC, potential risks go unflagged and may become real infiltrations of IT infrastructure. Unfortunately, modifying your security information and event management (SIEM) platform is often an unrealistic response to this problem, due to cost and staffing issues.
AWN CyberSOC: Your New Eyes and Ears for Security
What if instead of saddling shorthanded teams with the task of managing sophisticated threats, you could entrust the responsibility to an experienced managed services provider? It isn’t actually a hypothetical; you can implement SOC-as-a-service today.
With SOC-as-a-service, you can replace your existing SIEM in minutes. Its managed detection and response (MDR) capabilities synthesize machine learning with human insight provided by AWN concierge security engineers. This hybrid AI approach is ideal for catching the wide variety of threats springing up on today’s networks.