The Cybersecurity Skill Shortage Epidemic
The cybersecurity industry is currently experiencing an epidemic. No, I’m not referring to the complex and sophisticated malware that is being generated in increasing numbers every day, but the availability of skilled personnel, available to prevent or remediate them.
In 2018-2019, 53 percent of organizations reported a “problematic shortage” of cybersecurity skills according to CSO Online. Cybersecurity Ventures predicts there will be 3.5 million cybersecurity job opening by 2021. A report coming out of Australia found that 88 percent of IT decision-makers believe there is a shortage of cybersecurity skills, within their own organization, but also nationally.
This alarming trend is seriously disadvantaging security efforts. At Deep Instinct, we’ve seen for a while now that security talent isn’t where it needs to be to help curb the cybercrime epidemic and until this is rectified, the industry continues to be outpaced by malicious actors.
To stem this development, organizations need to adopt the mindset of malicious actors. This is not a mindset that can easily be transitioned into by occupational cyber experts or engineers. It draws on the skill set of those who have experience in cyber warfare, understand the objectives of an attacker and can identify the product architecture that’s required to undermine their efforts.
Unfortunately, the reality is that this gap between the threat capability of modern-day attacks and the skilled personnel able to mitigate them, is perpetually widening. Responsibility no longer just lies with CISOs, but all IT professionals need to be proficient in an organization’s cybersecurity policies and procedures. They need to be involved with protecting and defending all types of endpoints, apps, data, infrastructure, and people. Thus, the job market figures, as alarming as they are, belie the extent of the epidemic shortage.
There are a number of fundamental shifts that need to happen in order to rectify the situation both on a national level and within organizations:
• There needs to be national-level leadership on the issue. Governments need to pursue this issue to the extent of appointing a Minister for Cybersecurity, who would be responsible for establishing metrics, driving programs and reporting on national progress.
• A more thorough partnership between the public and private enterprises where national governments adopt a more focused effort on working with the cybersecurity technology community.
• An integrated industry effort between technology and cybersecurity leaders, to ensure that organizations adopt technology tools that work to resolve this issue, rather than amplify it.
On the enterprise level there are several strategies that are also being pursued:
• Continuous training of cybersecurity staff where personnel is encouraged to be part of professional organizations.
• The role of the MSSP will become more significant in closing in on this skills gap. To their advantage, they have a greater ability to pool knowledge, resources, and expertise and spread the cost amongst their customers. This more profitable economy of scale enables MSSPs to use optimal solutions that support multiple small to medium businesses, and which would normally be well beyond their reach.
However, organizations need to be aware that selecting the right vendor can be a challenge. In the necessity to say ahead of the threat landscape, organizations should take the time to rigorously test the available offerings. In an environment where MSSPs and SOCs need to continually evolve their practices to keep up, SMBs need to ensure that whichever the third party they have selected, they have the technological advantage over any potential threat. This may entail taking a portfolio management approach to cybersecurity workloads, where fewer security professionals are required to instead manage and oversee outsourced tasks.
Organizations should also be looking towards the cybersecurity products to make sure that the solutions they purchase minimize the pressure on security personnel, rather than exacerbate it. The incorporation of NextGen cyber technology, such as Deep Instinct, the first platform to apply deep learning to cybersecurity, reduces dependency on security experts in a few different ways:
• As an automated prevention tool, it reduces the range of tasks normally carried out by a cybersecurity team. From finding-the-needle-in-the-haystack to post-infection analysis and remediation, all these tasks are dramatically reduced, if not removed. The reduced human involvement needed to predict and prevent threats frees up cyber experts to focus on more strategic operations.
• The solution operates in a pre-execution stage, where attacks are prevented pre-emptively, rather than in a post-execution stage which requires a lot of remediation activity by an expert.
• The deep learning prediction model also produces a far lower level of false positives. The combination of high detection and minimal false positives means that fewer people are needed to investigate and identify attacks.
• The deep learning model doesn’t require feature extraction. Unlike machine learning models and other AI cybersecurity solutions that rely on cybersecurity professionals to formulate an algorithm, deep learning does not require this expertise. Rather it is designed to automatically identify the relevant features of a malicious file or vector. An important factor for solution providers, it means that they are not competing for the same talent pool as their competitors.
While the cybersecurity shortage is a well-known problem, the industry, government, and enterprise have historically been slow to react. However as the shortage has been more recently reaching epidemic levels, organizations have started to pivot in their response. While some have supported training programs amongst their IT staff, many others have been focused on putting in the necessary infrastructure and solutions that minimize the number of CISOs that they need to ensure ongoing security.
Learn more about how deep learning has been applied to cybersecurity, and the autonomous capabilities it provides to minimize the impact of the cybersecurity skills shortage.