Is security automation the answer to the global shortage of cybersecurity talent?
THE global shortage in skilled cybersecurity professions is rapidly increasing, with one study predicting a projected talent gap of 1.8 million by 2022.
The recruiting, hiring and retaining of skilled employees is becoming an acute challenge, with the most in-demand roles being security analysts. Recruitment site Indeed reports that for every 10 cybersecurity job ads appearing on the site, only seven people even click on one, let alone apply.
This is particularly worrying considering the growth of threat surfaces such as cloud, mobile and Internet of things. There is also the problem of cybercriminals becoming more sophisticated in their tactics, techniques and procedures.
A 2017 Cybersecurity Trends report states a lack of skilled security professionals is one of the biggest problems in regard to obtaining stronger cybersecurity, along with a lack of budget.
It is not difficult to see why cybersecurity jobs are in such demand. Major data breaches can cause companies of all types to incur high revenue losses. So it is important for organizations to have highly-qualified staff with the skills to mitigate this risk.
The competition for qualified cybersecurity professionals is driving up salaries and creating better benefits such as access to training programs. This high demand for jobs is impacting employers by making it harder for them to retain employees, with professionals increasingly taking advantage of the competition.
Too much data. Too little relevance. Too little time
The scope and quantity of data overwhelms many security teams, who are in a race against time to stay ahead of the latest threats to their organizations.
The process of converting unstructured, duplicative data, adding contextual information and running analytics is a time-consuming process for analysts who are already oversubscribed.
Furthermore, a recent study reported by SecurityBrief Asia, found that around 40 percent of security professionals say the threat alerts they receive lack actionable intelligence to investigate, and another 31.9 percent report how they ignore alerts because so many are false positives.
Security automation harmonized with human workforce
Heralded as the future of IT security, cybersecurity automation is an increasing need for many security professionals. A survey by ESG Research revealed 72 percent of security professionals say analytics and operations are more difficult to manage now than two years ago.
Automation can help spot attacks before they begin, freeing up teams and individuals to complete work tasks of a higher, more impactful order.
The existing workflows of security processes, which often involve manual phone and email communications, plus the completion of reports and the inputting of spreadsheets can be orchestrated to become an automatic workflow.
Automation can cut duplicative processes, bring cohesiveness and consistency to cybersecurity responses, compensate for human error, and correlate information across differing sources; ultimately resulting in faster threat detection than would be possible with manual analysis.
The fear of technology
Despite this, there is a growing acknowledgment that automation (much like artificial intelligence) does not replace the need to focus on the human workforce. Effective cybersecurity is about integrating people, processes and technology to reduce risk of threat.
As a September 2016 article form Deloitte University Press noted: “Given the sensitivity of cybersecurity issues, there is also no doubt that humans will still be necessary to confirm and investigate threats, particularly when they are internal. But their jobs will be made much easier and more productive with some help from technology.”
As with any new technology, using automation to enhance cybersecurity may not be welcomed by everyone.
Joerge Sieber, director of product marketing performance at Palo Alto Networks, noted in a blog post that automated cybersecurity may bring with it a “perceived loss of control”.
Whatever solution employers pursue, there is no doubt cybercrime will continue to pose a major threat and that closing the skills gap will remain a matter of critical importance.