The cyberthreat landscape keeps evolving, but finding skilled cybersecurity pros is an increasing challenge for today’s organizations. Without the required cybersecurity skills and talents needed to hunt down and respond to threats, companies risk data breaches that may lead to huge financial losses and take years from which to recover.
It’s not just large enterprises that cybercriminals are targeting either, as smaller firms are finding themselves more frequent victims of cyberattacks, if not as principal targets then as collateral damage. That’s why security experts are in such high demand, and it’s why the skills gap–the disparity between what organizations need and the specialized security personnel they actually have on hand–has received significant attention for years now. Despite the growing concern, however, this skills gap continues to widen.
The Numbers Don’t Lie
Recently, the IT governance association ISACA released part one of its annual State of Cybersecurity Report. Its findings demonstrate that businesses of every size still struggle to put together a sound security team capable of handling the ever-increasing number of cyberthreats. In fact, half of the respondents indicated that their organization has been the victim of an attack within the past 12 months, while the study also revealed that 81 percent of cybersecurity professionals believe their business is likely or very likely to experience a cyberattack.
“81% of cybersecurity professionals believe their business is likely or very likely to experience a cyberattack.”
Of greater concern was that nearly one in three organizations said that their board of directors has not adequately prepared for a cyberattack. A common sentiment in the past has been that cyberattacks are not a matter of “if”, but “when.” Today, it’s continued evolving from “if” to “when” to “how often, “and finally, to “how long can we withstand” cyberattacks. Organizations unable to launch a swift and robust response once they’ve detected an attack are often unable to mitigate damages beyond a reasonable consequence.
The news isn’t all bad. The ISACA survey showed that a greater percentage of organizations now prioritize security as well: 65 percent of respondents indicated that their organization’s security budget would increase this year, compared to 50 percent last year.
Yet the tools hackers use to conduct cyberattacks have become more advanced and ubiquitous. The same tools and methods that were once used solely in nation-state attacks are now becoming “mainstream” and used by cybercriminals around the globe against corporations large and small. Among these methods are the deployment of advanced social engineering campaigns, as well as fileless malware campaigns that exploit legitimate applications to launch network attacks.
What Can Be Done?
The consensus among most researchers is that the talent gap will continue to widen before it shrinks. According to Cybersecurity Ventures, the number of cybersecurity vacancies could reach 3.5 million by 2021.
Some promising signs exist, including new machine learning-based security solutions. Still, organizations can’t blindly trust machine learning and artificial intelligence technologies. While highly useful for collating and analyzing logs and deciphering potential threats, there’s a major drawback to relying on machine learning and AI alone.
Supervision is key. Machine learning-based threat detection requires skilled security analysts able to hunt for new and unprecedented cyberthreats. These security experts must understand even the subtlest indicators of misuse over their unique IT environment (because no two networks are exactly alike). The big catch is, again, that skilled cyber pros are hard to find–and demand salaries many companies can’t easily afford.
Making On-Demand Expertise More Available
To make substantial headway in the mission to acquire more cybersecurity expertise, the economics of cybersecurity must change–especially for those companies that are small to midsize enterprises (SMEs). Large enterprises often have the resources to attract and retain enough top security talent to perform round-the-clock threat monitoring and incident response in a security operations center (SOC). But most SMEs lack that on-demand access to security experts, let alone the tools needed for log aggregation, alert triage, threat hunting, and real-time incident response.
Luckily, that situation is now changing. Directly addressing the cost and manpower problem of cybersecurity is SOC-as-a-service. A managed SOC provides on-demand access to security analysts all hours of the day and night. These experts perform 24/7/365 threat detection and response functions using the most advanced security technologies and up-to-the-minute threat intelligence feeds that give you complete visibility into your network’s security. All the people, processes and technology needed for SOC management are effectively bundled into a predictably priced subscription offering.
Interested in learning more? Download this white paper.