How problematic is the shortage in cybersecurity skills? In a new article published on Dark Reading (Cyber Staffing Shortages Remain CISOs' Biggest Challenge), a report called Top Challenges in Cyber Investigations & Recommendations for SecOps Leaders notes that "88% of respondents expressed concerns about operational issues related to the lack of skilled staff and high attrition rates."
This statistic will not please CISOs struggling to add cybersecurity talent to their teams. Skilled security professionals are hard to find, particularly because they often need a diverse skill set that covers multiple aspects of a technology environment.
The evolving complexity of those environments is also a challenge. For example, 74% of respondents said that many security operations teams lack skills related to cloud environments. The result is that existing staff are under immense pressure to cover multiple security dimensions, some working the equivalent of two jobs (contributing to those high attrition and burnout rates). Consequently, security effectiveness suffers: 72% of respondents said attacker visibility and traceability are challenging.
Can we fix the skills gap?
The obvious way to fix the skills gap is to train more security professionals. However, there is a problem: the skills pipeline has slowed down considerably. The new 2024 ISC2 Cybersecurity Workforce Study reports that the global active cyber workforce has stalled at 5.5 million people, growing only 0.1% year-on-year in 2023.
Moreover, training security staff is not simple since they work best with a range of specialisations under their belt, and many staff end up being headhunted by other firms because it's a seller's market. Simply hedging our bets on more training will not solve this problem. Is there a complementary solution?
The first report offers a clue: it notes that XDR (extended detection and response), SIEM (security information and event management) and SOAR (security orchestration, automation and response) technologies form the pillars of modern cybersecurity operations. It also adds that these powerful tools "incur significant costs due to deployment and management challenges."
If we could address those and similar security operations challenges, could it positively impact skills problems? Yes, it can.
Fixing skills shortages with technology
For years, the market has proposed using automation and integration to lessen the burden on security teams. Yet, delivery has been spotty at best due to a specific issue. While the security market speaks loudly about business-first and risk-managed security, in practice, it keeps selling specific technical solutions for specific problems.
The time has arrived to take the risk-based approach much more seriously and design security around that approach. For example, at Performanta we've established the Risk Operations Centre (ROC), a virtual client-tailored office that leads security strategy through business risk analysis. Using this information, we configure and deliver security via a range of services, including XDR, SIEM, and SOAR, integrated through our Security Operations Centre (SOC).
These technical steps are not new. The difference is that our service, Safe XDR, starts with the ROC and uses Gartner's CTEM (Continuous Threat Exposure Management) framework to produce risk-based direction. Through a combination of risk, human skill, integration, and automation, we maximise the effectiveness of those core cybersecurity technologies, scaled through managed service models.
We also get the best out of new technologies like artificial intelligence. Though often a misrepresented buzzword, correctly designed AI works incredibly well in modern cybersecurity. For example, Safe XDR is one of the first third-party solutions to integrate Microsoft's specialised Copilot for Security generative AI, which helps humans manage incidents faster and smarter, even if they have limited technical knowledge. Security and IT staff manage false positives and detect-and-respond exercises more effectively, reducing the burden of trial-and-error approaches thanks to machine-speed insights.
This approach reduces bad data and conflicting information, closes gaps between systems, increases visibility, establishes security priorities, and radically reduces the mean time to respond to security events—from hours to minutes and even seconds.
Safe XDR removes tremendous pressure from the shoulders of security teams while ensuring that established security systems work as intended. It's Performanta's answer to the cybersecurity skills shortage: through risk-informed prioritisation and effective use of established security systems, we help our clients run much more efficient security operations.
Of course, the market needs more trained security professionals. But that's not the only answer. Modern security is inefficient, expensive, and primarily moulded by a market that thinks selling a solution is the same as delivering good security. It's not.
The answer is to follow risk through frameworks such as CTEM, supported by integrated, automated, and scalable security. The answer is Performanta's Safe XDR.