Many organizations are facing a cyber-threat which is quietly and stealthily eroding their defenses. What’s worse, this threat cannot be detected by any enterprise security products, yet it presents a very real long-term risk to their organizations: it’s the cybersecurity brain drain.
The Information Systems Security Association (ISSA) together with analyst firm ESG, just released a research report which states that nearly half of businesses surveyed have a ‘problematic shortage of cybersecurity skills’, while nearly half of cybersecurity professionals said they are approached for other jobs at least once a week! Moreover, 65% of cybersecurity professionals ‘struggle to define their career paths’ due to poorly-defined training and development processes, and the lack of a career map in cybersecurity, among other factors. The threat landscape is changing so rapidly that cybersecurity professionals legitimately fear becoming deskilled: 56% of respondents said that their current employer simply doesn’t providethe right levels of training to keep up with new risks, threats and security products.
Our own ‘ State of Automationin Security’ survey from earlier this year highlighted another strong factor contributing to the brain drain. It showed that skilled security staff are spending much of their valuable time ‘keeping the lights on’ manually maintaining and making changes to existing systems, trawling through endless security alert logs, and making device configuration changes to plug security holes and keep things running smoothly. Not only is this type of repetitive, manual work unrewarding and boring, leading to staff dissatisfaction, it is also counterproductive. As our survey showed manual security changes often resulted in outages and security breaches. Furthermore, this grunge work left staff without enough time to focus on more strategic business issues.
The net result is that cybersecurity staff turnover rates are high, leaving organizations struggling to fill the gaps when key personnel leave, and hindering their ability to build comprehensive, long-term cybersecurity strategies to protect and enable their businesses.
So what can be done? Clearly, organizations have a responsibility to improve their IT security training and staff retention programs in particular to attract talented junior staff. But of course, these measures cannot be implemented overnight they take time and resources.
This is wheresecurity automationmust play a key role. More than half our survey respondents believed that automating security processes could replace many repetitive, mundane tasks, such as managing security changes and preparing for regulatory audits . In addition to freeing up staff to focus on more strategic initiatives, automation significantly speeds up these processes and reduces the number of mistakes made. Not only that, by proactively assessing the risk of each and every change, automation helps organizations remain continually compliant(something more and more auditors are now demanding), as well as improve their overall security posture.And, as an added bonus, automation solutions track and document everything, which reducesthe reliance on the security vets who may or may not have the knowledge in theirheads.
But automation can do much more than help security staff withthe day-to-date management of security processes. It can play a critical role in strategic business and security projects. For example, when migrating business applications to the cloud, security automation solutions can identify and map application connectivity prior to the migration a task that’s typically extremely manual, slow and costly. Automationgives the security team the information they need to correctly configure business application connectivity in the cloud quickly and securely without risking outages or creating security holes. And assuming it supports a multi-vendor and multi-platform environment, automation removes the need for domain experts for each specific security vendor’s products and platforms deployed across the enterprise network (and its likely there will be many of them). In addition, it enables the security the team to manage the entire environment holistically which eliminates blind spots and improves the organization’s overall security posture.
While automation clearly delivers many security and business benefits, it is not about replacing skilled staff with technology. Rather, it’s giving security staff the opportunity to fully utilize and advance their skills. An experienced, qualified cybersecurity team is a huge asset to the organization especially now so should they really be spending their time manually sifting through logs or tweaking firewall rules, when they could be actively developing your overall security strategy to counter the next generation cyberthreats?