This guest blog was contributed by Marie Wilcox, Security Evangelist at Panaseer
As the corporate cyber-attack surface grows, network defenders are routinely called upon to put out fires across the business. It’s reactive, piecemeal and erodes any wider value they may be able to bring to the organization. It’s also a dynamic considerably worsened by industry skills shortages that have reached critical levels.
The good news is that organizations can both reduce the impact of these shortages, and improve security posture and resilience, through vendor consolidation and more intelligent use of automation.
How bad is the cybersecurity skills crisis?
The cybersecurity industry has long had a shortage of skilled professionals. And as transformation investments grow demand for talent, the problem has reached a crisis point. One estimate puts the skills shortage at a staggering 3.4 million workers globally, including 436,000 in North America – an 8.5% year-on-year increase. Another claims that just 69% of security jobs in the US can currently be filled by the available workforce.
This is having a material impact on cyber risk. The vast majority (74%) of respondents to a new Panaseer report claim their ability to manage security posture is being negatively impacted by a lack of resources. A quarter argue this is also significantly impacting their ability to mitigate security risk. Lack of headcount is cited by many as a key part of the resource challenge.
Unfortunately, when organizations don’t have enough skilled security staff, those that are around are forced to cover multiple positions, leading to high stress levels. Some may decide to quit as a result, leaving those that stay in an even worse position. For employers, there’s the added headache of spiraling wages to cope with. Over half say they’d spend a hypothetical increase in budget on hiring more security specialists.
Organizations desperately need a way to do more with less — optimizing their existing resources to drive security strategy for long-term risk management, rather than fighting fires. Fortunately, with the right focus, they can.
Time to automate
Automation is a key part of the answer. When applied to time-consuming, manual processes it can free up staff to work on higher-value tasks. That’s why 96% of respondents to our survey are automating at least one aspect of their cybersecurity. It could be anything from monitoring and reporting to incident response and threat hunting. Among the biggest benefits cited by users of automation are more efficient use of resources, improved decision making, more accurate prioritization and reduced workload for security teams.
Controls monitoring is one area where automation can bring particularly big wins. By running a continuous controls monitoring (CCM) solution, security leaders gain a holistic and real-time understanding of their security controls. By continually identifying any control gaps in this way, automated tooling can drive big wins for proactive risk management. It can even support compliance efforts—such as with the EU’s Digital Operational Resilience Act (DORA), which mandates continuous monitoring of IT security. In the US it could help boards meet strict new SEC rules designed to make them more accountable for security risk.
Consolidating drives clarity
The second piece of the puzzle is vendor consolidation. Security teams spend too long managing multiple point products—many of which overlap in terms of functionality. In some scenarios, stretched analysts are overwhelmed by the volume of alerts being produced by all of these security controls, which in turn can expose the organization to cyber-threats.
We found last year that large enterprises run on average 76 security tools, up from 64 in 2019. That’s part of the reason why three-quarters of organizations pursued a vendor consolidation strategy in 2022, according to Gartner. Although many security practitioners feel anxious that fewer controls will reduce their ability to mitigate cyber risk, the opposite is true. Of those who had started consolidating their tools and integrating them into a more unified ecosystem, 42% report improved security posture. It doesn’t just help mitigate the impact of skills shortages. It can ultimately improve security posture by eliminating or minimizing coverage gaps, saving funds which can be used elsewhere and enhancing visibility and control.
Threat actors have the advantage of surprise. They’re highly resourceful and supported by a cybercrime economy measured in the trillions of dollars. They also benefit from the fact that security teams are woefully under-staffed. But enterprises can turn this around, if they focus on visibility and efficiency. By reducing the number of tools in their arsenal, and automating the process of monitoring those controls, there is a way to reduce the burden on security staff and drive proactive security posture management. ###