Nowhere is the cybersecurity skills shortage more prevalent than inside the security operations center (SOC).

Edward Gately, Senior News Editor

January 14, 2019

Organizations increasingly are turning to automation and finding creative ways to cope with the ongoing and intensifying shortage of cybersecurity talent.

The cybersecurity workforce gap has widened to nearly 3 million globally, according to a study by (ISC)², a nonprofit that specializes in training and certifications for cybersecurity professionals. North America has the second-highest shortfall at 498,000, behind Asia Pacific, while EMEA and Latin America contribute a 142,000 and 136,000 staffing shortfall, respectively.

John McCumber, (ISC)²’s director of cybersecurity advocacy, tells us the talent shortage likely can be attributed to a lack of understanding about what it takes to create a career in cybersecurity.

“Many people think it’s a grouping of highly technical jobs that requires them to come in with polished skills across the entire breadth of IT security,” he said. “And given the high stakes, it may seem like an intimidating profession. We as an industry need to do a better job of helping people understand that training opportunities are plentiful and that many of the skills they already possess can be transferable to cybersecurity. We also need to be more welcoming to a larger talent pool, and that means recruiting more women and minorities to join our mission of inspiring a safe and secure cyber world.”

Organizations that create a resilient cybersecurity culture tend to do a lot of the same things, McCumber said. They write clear job descriptions that demonstrate their understanding of the specific role that each staff member will fill, they hire certified cybersecurity professionals in order to build strong teams, and they train and promote from within, he said.

“Interestingly, our research found that 86 percent of organizations that consider themselves adequately staffed with cybersecurity talent employ a chief information security officer (CISO), which compares to 49 percent of companies overall,” he said. “Finally, a lot of top cybersecurity talent can be found in the federal government. Instances like the current government shutdown can help private-sector organizations lure candidates with the promise of a more stable position and better compensation. (ISC)² research finds that 50 percent of organizations who have adequate cybersecurity staffing have successfully recruited talent from the government ranks.”

It all comes down to creating an environment where cybersecurity professionals feel their contributions are valued and recognized by executive management, and one where they can receive consistent training to progress in their careers, McCumber said.

Nowhere is the skills shortage more prevalent than inside the security operations center (SOC), where the increase in the volume of alerts requiring action far outpaces an organization’s ability to hire skilled analysts, according to Siemplify, which provides security orchestration, automation and response (SOAR) solutions. SOAR is gaining traction to help alleviate “alert fatigue” as these services increase the efficiency of existing SOC analysts, helping security teams get more work done, it said.

Security orchestration both integrates disparate tools in a single pane of glass and eliminates a lot of the specialization that is required to run each security tool independently. Also, it allows security analysts to spend more time investigating and less time creating documentation and generating reports with built-in collaboration and case management.

A good way to correctly implement SOAR is to start with defining playbooks aimed at driving consistent response by the security analyst team and compiling knowledge of how to respond to different threats, said Nimmy Reichenberg, Siemplify’s chief marketing officer. Once you create those playbooks (incident response procedures) you can then start to selectively automate pieces of it where applicable and trusted, he said.

“With the increasing volume of security alerts and no end in sight to the cybersecurity skills shortage, organizations that don’t automate everything that can be automated will fall behind,” he said. “But leading SOAR solutions go beyond automation and let [security operations] teams rise above the daily firefighting. By virtue of the fact that all analyst activity (automated and manual) is captured on a single platform, managers have access to metrics and analytics that can drive continuous improvement across people, process and technology.”

Unbound Tech, Enveil Partner on Enterprise Security

Unbound Tech and Enveil have teamed up to safeguard encryption keys and provide nation-state level security for data in use.

The joint offering delivers a combination of software-defined cryptographic capabilities to secure sensitive data at all points during its life cycle. Enveil advances the boundaries of data security by eliminating the exposure gap companies face when sensitive data must be decrypted in order to be used or processed, while at the same time Unbound fortifies security protections by ensuring cryptographic keys, credentials and other private data never exist anywhere in complete form.

Ellison Anne Williams, Enveil’s CEO, tells us the joint offering is built to address the complex data security challenges facing the financial sector, health-care industry and other highly regulated verticals.

“Customers can quickly and easily employ multiparty computation-based encryption key protection and homomorphic data security technologies to configure or support separate strategies for encryption of data at rest, in transit and in use, with the added bonus of less administrative and resource overhead due to the ability to work with existing systems,” she said.

“Through the Unbound-Enveil partnership, we offer a truly unique solution that boosts security to a whole new level while at the same time reducing costs,” said Avner Mor, Unbound’s CEO. “This is a rare opportunity to employ unique multiparty computation (MPC)-based encryption key protection and homomorphic data security technologies quickly and easily — and with the added bonus of less administrative and resource overhead due to the ability to work with existing systems and no need to configure or support separate strategies for encryption of data at rest, in transit and in use. This hasn’t been done before.”

Report Predicts Accelerated Growth in Managed Security Services

The global managed security services market will crush it during the next several years, exceeding $50 billion by 2025, according to a new report by Report Consultant.

The market is expected to register a compound annual growth rate (CAGR) of more than 14 percent through 2025.

Top managed security services players include Check Point Software Technologies, Cisco Systems, Computer Science, Dell Secureworks, AT&T, BAE Systems, BT Group, CenturyLink, Hewlett-Packard Enterprise (HPE) and IBM, according to the report.

Increasing cybercrime and the need for cost-effectiveness are two of the factors driving the global market.

Trustwave Unleashes Latest Version of Email Security Platform

Trustwave’s Secure Email Gateway (SEG) 8.2, the latest iteration of its email security platform, offers organizations a comprehensive solution for advanced email security, extensive policy control and reporting.

SEG 8.2 supports Microsoft Azure Rights Management (Azure RMS), a fast-rising enterprise cloud-based protection service that employs encryption, identity and authorization policies to help secure documents and email content traversing across networks and devices.

SEG 8.2 is built on industry standards to detect and block email spoofing, DomainKeys Identified Mail (DKIM) to authenticate email senders and Domain-based Message Authentication, Reporting and Conformance (DMARC) to pinpoint spam and phishing messages.

Jenny Chen, Trustwave’s senior product manager, tells us SEG 8.2 creates new opportunities for partners to pursue enterprise customers in heavily regulated industries.

“For example, financial services and health-care institutions are concerned with information confidentiality and access,” she said. “Azure RMS enables restricted access to emails and documents both inside and outside the organization. Partners now also have a strong play with customers subject to General Data Protection Regulation (GDPR) and other data privacy laws by offering them our new cloud-based email archiving solution, which provides evidence-admissible proof of privacy compliance, as well as meet regulatory mandates for specific data-retention periods.”

Trustwave offers several deployment options for SEG 8.2, including on-premises via software or virtual appliance, or through the SaaS or private-cloud model and can scale based on organization needs.

“As more organizations adopt RMS-type solutions, they will need their providers to support those solutions,” Chen said. “Without visibility into RMS-protected files, mail and attachments, organizations run the high risk of sensitive data leaking from their organization. This innovation enables Trustwave partners to bring forward a secure email gateway product that provides more complete protection to their customers in verticals like financial services and health care that need to protect confidential data and secure access without sacrificing security.”

About the Author(s)

Edward Gately

Senior News Editor, Channel Futures

As news editor, Edward Gately covers cybersecurity, new channel programs and program changes, M&A and other IT channel trends. Prior to Informa, he spent 26 years as a newspaper journalist in Texas, Louisiana and Arizona.
