It’s no secret that the cybersecurity industry is in something of a talent crisis. The need for security experts greatly outpaces the supply, leading to half a million open cybersecurity positions in the US alone as of September 2021.
These professionals underpin the security and integrity of networks and data, manage a company’s security stack and have the skills to identify, react to and remediate security risks.
Over the past year, this talent pool has faced unprecedented demands as the pandemic forced understaffed cybersecurity teams to extend security to cover the blending of corporate and home technologies as millions of employees worked remotely – all the while adjusting to the challenges of remote work themselves.
To compound these difficulties, malicious actors have pounced, preying on these new work arrangements, hastily set-up network architectures and fears of the pandemic to launch a growing number of cyber-attacks.
All of this has culminated in a cybersecurity workforce that is stretched out, overburdened and burnt out.
The novelty of this situation has forced organizations to rethink how they attract talent, train employees and educate those inside and outside the organization to better understand the different threats they face. Organizations are raising pay, recruiting from underserved communities and making cybersecurity careers more accessible to students without a traditional degree.
These solutions are helping but not filling the entire gap. This challenge did not arise overnight and will require long-term strategic thinking to overcome.
Unfortunately, time is a luxury. Malicious actors are not good sports, waiting for the cybersecurity community to transform itself before launching an attack.
For organizations in the public sector, the crisis is even more acute. Public sector organizations are often limited in the salary they can offer employees, meaning they cannot compete with private sector salaries.
At the same time, public sector employees have been especially impacted by the rise in cyber-attacks due to the pandemic. A recent report found that IT teams in the federal, local government and education sectors saw some of the largest increases in their cybersecurity workload in 2020. This increased workload made these organizations especially vulnerable, with a higher percentage of organizations in these three sectors reporting slower threat response times.
All the same, the cybersecurity industry needs to act now and follow the lead of the fast-food industry and small businesses that have addressed skill shortages by leveraging technology to help manage work, increase productivity and reduce burnout.
Here’s how:
First, look for technology solutions that prioritize automation. Technology that automates lower-order tasks is relatively easy to deploy, frees up workers’ valuable time and removes the potential for any human error combing through different risks.
Second, recognize the power of context. In cybersecurity, context can help workers better understand the threats they face and enable them to make better, more accurate and faster decisions.
Not all threats are the same, so it’s important that context follows automation so that security teams do not waste hours chasing down the most basic of threats that can quickly be remediated via technology.
Third, look for technology solutions that leverage the expertise you already have. While context is key for understanding a single threat, it’s also valuable for cybersecurity teams who need to decide which threats to prioritize. Workflow prioritization can help identify and remediate the most dangerous, time-consuming threats instead of randomly remediating threats based on when they’re discovered.
Many solutions already exist that can provide this kind of automation, orchestration and context. For example, if you are monitoring the DNS traffic of your network and your DNS Firewall blocks a request to a malicious site, use solutions that can automatically trigger a response to the network access control system to quarantine that user into a sandbox until it can be further researched by an analyst. This will dramatically reduce the time and effort needed to track down and isolate infected devices. At the same time, systems that automatically send additional context about that user and the request (Who is the user? What kind of machine are they using? Where was the request sent?) to the analyst can give them a head start into researching and ultimately mitigating the threat.
Vulnerability scanners are also a point of note. Often, they only scan networks at a given interval (once a day, week or even month. Yes, monthly scans are a thing). Organizations can quickly, easily and automatically improve their security posture by scanning a device as soon as it connects to the network by leveraging an orchestration flow where the DHCP server automatically identifies the new machine and triggers the scan.
These and other technology solutions that leverage automation, context and the skills your team already has are not merely a bridge between now and a fully-staffed cybersecurity industry of the future. They are a critical part of a robust cybersecurity platform today, which both improves network security and extends the capabilities of the team you already have.