Cyber security teams can overcome ‘brain drain’ with the help of an intelligent security ecosystem, says Fabien Rech, EMEA VP at the endpoint and cloud security product company Trellix, in a Q&A.
1 How is the Great Resignation affecting security professionals?
The Great Resignation is impacting every industry, with almost seven in every ten employees (69pc) admitting they feel confident to move to a new job in the next couple of months. From a security perspective, Forrester predicts that security ‘brain drain’ will significantly impact the industry, as one in 10 experienced security pros are expected to leave their roles. This issue is made worse as the industry continues to battle with the obstacles caused by the ongoing skills gap.
The number of open roles and gaps left by a lack of skills means that security teams are being stretched too thinly and burning out. It also significantly increases the chance of a cyber-attack which could have potentially devastating consequences for the organisation.
As the threat landscape continues to change, the priorities of CIOs must also change to ensure their security teams are able to keep up with the threats at hand. This means having the right skills and technologies required to mitigate the risk while ensuring their defences can withstand the pressure created by new threats. However, failing to understand the importance only means that businesses will feel the burden of the Great Resignation for many years to come.
2 What can businesses do to ensure their security teams are not feeling burned out?
On top of taking measures with the support of HR to protect their talents, an important thing an organisation can do to ensure its employees avoid burnout is to invest in technology that can harness the power of machine learning and automation.
In addition to alleviating some of the pressure on security teams by automating tasks, automation will help unlock insights and streamline workflows. This will help organisations to cut through the noise of attacks to ensure SecOps teams can be more focused and effective, rather than feeling like they are constantly scrambling and therefore leading to burnout and missed threats.
CIOs should also look to their vendors as partners and seek advice and consultancy when needed. As the threat landscape is constantly changing, no one can be expected to know everything they need to know all the time. This is why collaboration is vital, and something businesses should consider to reduce the pressure on their security teams.
3 As a broader industry, what can be done to attract talent and ensure the next generation of security professionals?
If we’re to close the cybersecurity skills gap and attract more talent, we must encourage those interested in IT or cybersecurity as early as possible and provide a school pathway into the industry. Initiatives that give students first-hand insight into the opportunities available to them in the cybersecurity industry are a great way to help generate interest and awareness.
It’s also important to highlight to students that they don’t need to be a technical expert or have experience in IT and security to pursue a career in cybersecurity. There are so many varied roles available in the sector – from business development and sales, to research and engineering – so it’s essential to encourage students to be open-minded and inspire them to seek the roles out as they move from education to the workplace.
4 How can technology help plug the skills gaps and protect against the evolving threat landscape?
Technology has a critical role to play in narrowing the skills gap. For example, automation can help stretched IT and security teams by replacing manual, time-consuming tasks while simplifying and accelerating threat response.
XDR solutions can also automate the prioritising threats, predicting which malware campaigns will be launched against the organisation and pre-emptively improving defensive countermeasures, helping organisations get one step ahead of cyber adversaries, even when technical skills are in short supply. This will empower security teams to feel confident enough in the technologies they are investing in to free them up to focus on other more urgent priorities.
At the same time, we’re seeing more organisations adopt a living security approach to their defences. Living security makes organisations more resilient through the interconnection of various threat sensors and capabilities and can be seamlessly integrated into the security ecosystem, so all operations are protected. This approach also means that security teams are free to focus on priorities and act on their business ambitions.
5 What advice can you give organisations in becoming more resilient to cyber threats?
My first piece of advice would be to use threat intelligence as much as possible. The application and use of comprehensive threat intelligence from outside and inside the company will help cut through the noise so SecOps teams are more focused and effective and can adapt fast as global attackers do. This approach to cyber security will support the business’ adaptive resilience, with each potential threat making security teams smarter.
Another critical element to ensuing cyber resilience is adopting technology that is both open and native. This will allow businesses to rest easy knowing that every piece of technology is connected seamlessly, eliminating any blind spots and gaps in a businesses’ protection.
By implementing an open technology platform, organisations can enjoy an automated security policy orchestration across a broad portfolio of security products which is designed to deliver maximum visibility, control, and vendor choice across all attack surfaces.
Unfortunately, there isn’t a one size fits all approach to security, but by taking these measures and implementing them as part of a comprehensive security strategy, businesses should feel empowered, knowing their defences are both flexible and adaptable and more resilient to cyber threats.
