Cybersecurity Skills Shortage a Problem for Nearly 50 Percent of Organizations
The cybersecurity skills shortage has reached almost three million in 2018 globally, according to (ISC)², a cybersecurity and IT security professional organization. The skills shortage problem was echoed in an Opinium survey commissioned by Trend Micro, where nearly 50 percent of 1,125 chief information security officer (CISO) respondents shared that it is a cause for concern for their organizations. As threats continue to increase — Trend Micro blocked over 48 billion threats in 2018 — and become more advanced, the global skills shortage puts organizations at higher risk.
[Read: A Historical Overview of Proactive Incident Response Strategies and What They Mean to Enterprises]
Skills Shortage is a Global Problem
CISOs from the U.S., the U.K., Germany, Spain, Italy, Sweden, Finland, France, the Netherlands, Poland, Belgium, and the Czech Republic were interviewed to weigh in on cybersecurity challenges, including skills shortage.
The survey revealed that, in terms of the workforce, CISOs face not only a lack in cybersecurity awareness within their organizations but also skills shortages. Thirty-three percent of respondents said they have had problems hiring new talent and 49 percent expressed concerns that the shortage could expose their organizations to greater risks. Of the CISOs based in the U.S., 54 percent — the biggest figure from all countries surveyed — admitted that they have difficulty hiring skilled professionals.
[Read: Challenging Problem of SMB Security Might Need Third Party Intervention]
AI and Automation as Solution for Skills Shortage
To cope with skills shortages, 39 percent of organizations said they retrain existing staff, 34 percent contract out work, and 28 percent support training initiatives for new university graduates.
Advanced technologies, on the other hand, were the answer for other respondents. For 68 percent of the respondents, the automation of routine tasks helps reduce skills shortages, while 59 percent believe that the use of artificial intelligence (AI) has the most potential in addressing the skills shortage. U.S.-based CISOs believed that automation (85 percent) and AI (81 percent) can help address this concern. Meanwhile, 31 percent of the respondents from the U.K. said that AI can alleviate the issue while 76 percent of CISOs in Italy thought AI can help solve the skills shortage problem.
The use of AI can indeed handle data processing efficiently. However, the skills and expertise of cybersecurity professionals are still necessary to provide analysis of and insight on the results as well as to manage an organization’s overall cybesecurity strategy.
[Read: Bridging Cybersecurity Gaps with Managed Detection and Response]
Addressing the Skills Shortage via Managed Detection and Response
Understaffed and overextended cybersecurity teams face an uphill battle against threats that are not only mounting but are also becoming more sophisticated. Organizations suffering from skills shortage can become vulnerable to financial loss, operational disruption, and reputational damage if the problems on security alerts volume and prioritization are not addressed.
In this regard, security services such as managed detection and response (MDR) can help in solving problems concerning manpower and costs by providing on-demand access to full-time threat analysts, investigators, and incident response experts. Since security alerts, logs, and data just don’t provide context by themselves, MDR can support organizations by providing threat hunting, investigation, and correlation, log aggregation, alert triage, and security data analysis.Trend Micro’s managed detection and response service provides access to cybersecurity experts who are proficient with live response and are familiar with solutions that can provide meaning to security incidents. The service provides alert monitoring, alert prioritization, investigation, and threat hunting. With the use of advanced AI to correlate and prioritize alerts and customer data and threat intelligence by our MDR teams, security incidents are efficiently analyzed and organizations are assisted in maintaining a good security posture.
Like it? Add this infographic to your site:
1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).
Image will appear the same size as you see above.
- Ransomware Spotlight: TargetCompany
- Email Threat Landscape Report: Cybercriminal Tactics, Techniques That Organizations Need to Know
- Preventing an Imminent Ransomware Attack With Early Detection and Investigation
- Inside the Halls of a Cybercrime Business
- Securing Cloud-Native Environments with Zero Trust: Real-World Attack Cases