Cyber security skills
Mind the Gap!

Cyber security skills are in high demand

It’s a sellers’ market out there if you are prominent and have the right cyber security skills. Cyber security workers are in high demand, and the security industry may face a shortage of close to two million qualified personnel by 2022. That’s concerning given the increasing number of cyber-attacks we’re witnessing.

According to ESG research, 45% of organizations report having a problematic shortage of cybersecurity skills in 2017. Of course, this applies to all areas of cybersecurity but recent ESG research shows that the skills shortage has a direct impact on security analytics and operations. The research reveals:

  • 54% of organizations say they don’t have the appropriate security operations skills for an organization of their size.
  • 57% of organizations say they don’t have appropriate security operations staffing for an organization of their size.
  • Based upon this data, it is safe to assume that many organizations are understaffed and lack the right security operations skills — a double cybersecurity whammy!

Top cyber security skills and operations weaknesses

The research also reveals some of the ramifications of these cyber security skills shortages. When asked to identify their top security operations weaknesses, cyber security professionals pointed to things such as:

Threat hunting. Many organizations simply lack the advanced skills necessary for threat hunting, while others are too busy responding to incidents to establish more proactive practices.

Assessing and prioritizing alerts. CISOs have added lots of threat detection tools and services over the past few years, producing a tsunami of additional security alerts. These technology investments may be for naught, however, as the research indicates SOC teams can’t keep up with all the noise generated by the growing volume of alerts.

Computer forensics. When security operations teams respond to security events, they tend to put out obvious fires but often fail to proceed to the next step — seeking out the root cause of the blaze. Once again, they are either too busy or lack the advanced forensic skills necessary for this task.

Security incident lifecycle management. In a perfect world, all security incidents are tracked from discovery, through investigations, and on to remediation. This tracking requires formal documented processes and a case management system that captures data and analysts’ notes, manages workflows, assigns tasks, and issues reports on what’s open and what’s closed. Alas, too many organizations rely on email, spreadsheets, and informal processes, making incident lifecycle management a chaotic affair at best.

While the promised automation and machine intelligence will go some way to alleviate this situation, the widening gap should be an acute concern for every business and government.  Colleges, universities and other higher education institutions should be partnering with industry bodies to figure out how to bridge the gap in cyber security skills and the number of professionals out there.

More Here [CSO]
