Bridging the skill gap to remain ready and able to respond to cybersecurity threats
The growing threats of cyber-attacks and data breaches have made cyber threat & resilience management a business imperative. Cybersecurity staffing shortage is the industry’s accepted truth&we constantly hear through various channels around the huge cyber skill gap that will take years to address. CISOs can tackle this situationby augmentingthe modus operandiused torecruit, train, and retain people. This blog deals with thehalf-truths within cybersecurity staffing and explains a more effective way to build a complete andqualified cyber-security team.The supposedlack of qualified candidates is not a supply-and-demand problem but rathera problem of predisposition, misplaced expectation and lack of commitment.The sophistication of cyber-attacks by the adversary just keeps increasing as witnessed recently also through the Sunburst campaign and so if the hackers can come together because of their functional skills that allow them to collaborateto commit a specific crime, why not us to intercept them?
Call to Action
- Amplifythe way wefind and hire cybersecurity talent
- Keep Security Talent Motivated, Sharp, And Enthusiastic
- Use ML, AI andAutomation to Elevate Security Pros
Amplify the way we find and hire cybersecurity talent
Need to overhaul the way weadvertise, shortlist, interview, and compensate cybersecurity candidatesfor which we must think differently than in the past:
- Recalibrate what indicatesa good security candidate. Emphasize behaviors and characteristics rather than experience with certifications& technologiesalone when looking for early-career candidates.Identify theperson with intellect, motivation, and fit who could then be given on the job trainingto start delivering.
- Develop unique compensation structures for security pros. Security talent is in demand, so use compensation bands that make sense based on the market demand for thatposition. Detachsecurity compensation bands fromITbandsslowing down talent sourcing processes owing to HR exception approvals.
- Take advantage of apprenticeship programs. Companies should take advantage of theseprograms as sources of talent, and in areas of the world where they are not present, consider establishing similar programs on their own, or through partnerships with post-secondary institutions, career training organizations, and other public-private partnerships.
Keep Security Talent Motivated, Sharp, And Enthusiastic
Every security employee weretainis one less weneed to recruit. Need to make sure that we keep the talent wefind and growwith them:
- Establish and advertisesuccession plans for security teams.Oursecurity teamsneeds to know that advancement is possible, and succession plans communicatesthat to themwhich could be done by forming a talent council. This makes lateral moves less tempting because employees understandsthe list of priority candidates for open roles.
- Allowsecurity personnelto build and experiment. Allow your team and your potential team members from other departments to playaround with new technologiesas a mechanism to retain and develop talent. Create communities across the different security functions to connect like-minded security prostogether so that they can share their knowledge with each other & use those forums for the larger benefitof the respective organizations they support.
Use ML, AI andAutomationto Elevate Security Pros
Technology also plays a vitalrole in security talentretention, and machine learning, artificial intelligence, and automationoffer substantial relief for overburdened, underskilled, or understaffedsecurity teams. Many security pros wrongly believe that security requires human analysis and decision making at every step; thus, many SOC processes remain manual or employ minimal automation. To maximize efficiency and get the most out of limited staff,automation becomes an absolutenecessity.
- Leverageautomation to reduce the repetitivework done by security team. Automation playbooks could be leveraged to eliminate the repetitive work done by the security team which will in turn allow them to focus on the real security work that requires their undivided attention.This will additionally reducefatigue, stressand manual errors.
- Empowerless-experienced analysts with AI and machine learning tooling.Entry-level security analysts will naturally pass difficult investigations to more senior analysts, which creates investigation bottlenecks. Augmenting these less-experienced security analystswith AI and machine learning toolinggives them the capabilityto continue their security investigations individuallyso that they don’t have to necessarily escalate as many incidents to their more-experienced counterparts.
- Use simulation & emulation platformsto sharpen security skills without the danger.Many a time security teamlearn on the job by making costly mistakes whilst classifying or responding to an incidentwhich affects their self-respect & morale. Simulation & emulation platforms can be leveraged to reinforce operations-focused training, crisis response & management capability within a safe environmentto give them that experience of a real world threat scenario considerably increasing preparedness.
Bivin John Verghese is the Wipro regional CISO for the UK, Ireland & Europe experiencedacross IT risk,cyber strategies, planning, governance, architecture,operations, crisis management& nurturing talent.