19 Apr 2021

Bridging the skill gap to remain ready and able to respond to cybersecurity threats

Guest blog: Bivin John Verghese, Wipro. Whether they’re starting out or mid-way through their career, we need to attract more people into the cyber security profession. How can we leverage existing initiatives and support further examination of mid-career transfers more effectively, both in terms of entry-level roles and specialisms where there are large shortfalls? And how do we ensure cyber security is a top, viable option for those displaced by other industries due to COVID-19?

The growing threats of cyber-attacks and data breaches have made cyber threat & resilience management a business imperative. The cybersecurity staffing shortage is the industry’s accepted truth, and we constantly hear through various channels about the huge cyber skill gap that will take years to address. CISOs can tackle this situation by augmenting the modus operandi used to recruit, train, and retain people. This blog deals with the half-truths within cybersecurity staffing and explains a more effective way to build a complete and qualified cyber-security team. The supposed lack of qualified candidates is not a supply-and-demand problem but rather a problem of predisposition, misplaced expectation and lack of commitment. The sophistication of cyber-attacks by the adversary just keeps increasing, as witnessed recently through the Sunburst campaign. If the hackers can come together because of functional skills that allow them to collaborate to commit a specific crime, why can't we come together to intercept them?

Call to Action

  1. Amplify the way we find and hire cybersecurity talent
  2. Keep Security Talent Motivated, Sharp, And Enthusiastic
  3. Use ML, AI and Automation to Elevate Security Pros

Amplify the way we find and hire cybersecurity talent

We need to overhaul the way we advertise, shortlist, interview, and compensate cybersecurity candidates, and for that we must think differently than in the past:

  • Recalibrate what indicates a good security candidate. Emphasize behaviors and characteristics rather than experience with certifications & technologies alone when looking for early-career candidates. Identify the person with intellect, motivation, and fit who could then be given on-the-job training to start delivering.
  • Develop unique compensation structures for security pros. Security talent is in demand, so use compensation bands that make sense based on the market demand for that position. Detach security compensation bands from IT bands, which slow down talent sourcing processes owing to HR exception approvals.
  • Take advantage of apprenticeship programs. Companies should take advantage of these programs as sources of talent, and in areas of the world where they are not present, consider establishing similar programs on their own, or through partnerships with post-secondary institutions, career training organizations, and other public-private partnerships.

Keep Security Talent Motivated, Sharp, And Enthusiastic

Every security employee we retain is one less we need to recruit. We need to make sure that we keep the talent we find and grow with them:

  • Establish and advertise succession plans for security teams. Our security teams need to know that advancement is possible, and succession plans communicate that to them; this could be done by forming a talent council. This makes lateral moves less tempting because employees understand the list of priority candidates for open roles.
  • Allow security personnel to build and experiment. Allow your team and your potential team members from other departments to play around with new technologies as a mechanism to retain and develop talent. Create communities across the different security functions to connect like-minded security pros so that they can share their knowledge with each other & use those forums for the larger benefit of the respective organizations they support.

Use ML, AI and Automation to Elevate Security Pros

Technology also plays a vital role in security talent retention, and machine learning, artificial intelligence, and automation offer substantial relief for overburdened, underskilled, or understaffed security teams. Many security pros wrongly believe that security requires human analysis and decision making at every step; thus, many SOC processes remain manual or employ minimal automation. To maximize efficiency and get the most out of limited staff, automation becomes an absolute necessity.

  • Leverage automation to reduce the repetitive work done by the security team. Automation playbooks could be leveraged to eliminate the repetitive work done by the security team, which will in turn allow them to focus on the real security work that requires their undivided attention. This will additionally reduce fatigue, stress and manual errors.
  • Empower less-experienced analysts with AI and machine learning tooling. Entry-level security analysts will naturally pass difficult investigations to more senior analysts, which creates investigation bottlenecks. Augmenting these less-experienced security analysts with AI and machine learning tooling gives them the capability to continue their security investigations individually, so that they don’t necessarily have to escalate as many incidents to their more-experienced counterparts.
  • Use simulation & emulation platforms to sharpen security skills without the danger. Security teams often learn on the job by making costly mistakes whilst classifying or responding to an incident, which affects their self-respect & morale. Simulation & emulation platforms can be leveraged to reinforce operations-focused training and crisis response & management capability within a safe environment, giving them the experience of a real-world threat scenario and considerably increasing preparedness.

    Bivin John Verghese is the Wipro regional CISO for the UK, Ireland & Europe, experienced across IT risk, cyber strategies, planning, governance, architecture, operations, crisis management & nurturing talent.