Under the spotlight: The tech security people crunch

09 Oct 2017

The tenure of an enterprise Chief Information Security Officer (CISO) is said to be less than two years. A change in that position almost always follows a breach that either compromised customer data, or attracted media attention. It is easy to understand if CISOs are focused on threats, risks and compliance. The recruiting, hiring and retaining of skilled employees is quickly becoming an acute challenge, and, in some cases, a competitive differentiator.

  • The eighth Global Information Security Workforce Study (GISWS), which includes feedback from over 19,000 information security professionals worldwide, projects an information security workforce gap of 1.8 million by 2022. This represents an increase of 20 percent from the 1.5 million worker shortfall forecast by the last study.
  • ISACA predicts there will be a global shortage of two million cyber security professionals by 2019. And one of the most in-demand security roles will be security analysts.

However, the numbers tell only part of the story. Threat surfaces are increasing – think cloud, mobile, IoT – and cybercriminals are getting increasingly sophisticated in their tactics, techniques and procedures (TTPs). Unfortunately, the supply of “guardians” hasn’t kept up.

Today, finding the right cybersecurity talent has become a serious problem across all industries. A 2017 Cybersecurity Trends report states that a lack of skilled security professionals is top of the list of biggest obstacles to stronger cyber security (45%), tied with lack of budget!

Too much data, too little information

The result of combining a kinetic threat environment with security staff who are overwhelmed and underfunded is that the scope and sheer quantity of data wear down, if not overwhelm, many security teams.

A recent survey found 40.4 percent of security professionals say that the alerts they receive lack actionable intelligence to investigate, and another 31.9 percent report that they ignore alerts because so many are false positives.

Security automation: ROI for your human capital

Better automation is top of mind for many security professionals. In a survey by ESG Research, 72 percent say analytics and operations are more difficult now than two years ago. However, there is a growing acknowledgment that automation, like artificial intelligence, does not replace the need to invest in and focus on the human workforce.

Rather, orchestrating tasks more efficiently and automating where possible frees up teams and individuals to do different types of work, often of a higher order, more complex and abstract, and more impactful for the organisation.

Much can be done to better orchestrate the existing, routine workflows of security processes. Day-to-day SOC operations that sometimes involve ‘manual’ phone and email communications, filling out operations, compliance and incident reports, even the use of spreadsheets, can be better integrated into an automated workflow.

Applied context and threat intelligence can enable security professionals to more quickly focus on the threats that matter, the real Indicators of Compromise (IoC).

Automatic correlation of threat intelligence with indicators and network activity/business context provides a clear line of sight through the noise of alerts. This increases the return not only on your investments in security technology, but also on your human capital. Actionable intelligence at hand empowers security analysts and can help make them feel they are making a difference.

Advanced threat analysis automatically populates investigations with historical and real-time contextual intelligence, which makes much better use of your experienced security resources. They can quickly isolate network conversations between hosts and connection points of interest.

As the analyst follows the breadcrumbs of suspicious or anomalous behaviour and looks for potential lateral movement, this data should be carried forward automatically. Effectively, these recordings can be used to instantiate an investigation or forensics report. They can also be used to show management why certain steps were taken.

Effective enterprise cybersecurity has always been about integrating people, processes and technology to reduce risk. Automating security processes goes hand in hand with leveraging staff more appropriately.

The real benefit of automating security where possible has a powerful people component. It lies precisely in how effective automation helps you better leverage the skill sets of security professionals and makes them feel more effective and motivated.

Article by Arabella Hallawell, senior director of Product Marketing, Arbor Networks.
