Overcome the security talent shortage by addressing your tech stack
This is a guest post by Graham Pearson, vice-president and general manager for ANZ at Lacework
Australians will spend approximately $5.6bn on cyber security alone this year, according to AustCyber, the Australian cyber security network. This figure is expected to increase to $7.6bn within the next three years as the cyber security sector continues to grow, accelerated by the additional risks of a more distributed workforce and as criminals become bolder and more organised.
Despite this increasing need to ramp up security, the region is facing a chronic shortage of skilled security workers to fill the gap, especially with international borders remaining closed. For example, in the 12 months to September 2020, there were more than 14,000 job openings for dedicated and related cyber security roles in Australia, but a talent pool half the size of the national average for employers to recruit from.
Filling the tech talent shortage is going to take a concerted and prolonged effort across all walks of the industry – we require better education and increased diversity and accessibility, and slowly the tide will begin to turn. But in the short-term, how can CISOs, 78% of whom have 16 or more security tools to manage, according to Gartner, better manage their tech stack with limited manpower?
Here are five steps to streamline your tech and plug your skills gaps:
1. Identify the gaps
The first step in streamlining your workload and reducing the strain on skills is to identify where those skills gaps are. Begin by asking, ‘where do I have a shortage of skills?’ and ‘who can I hire to fill those gaps?’. In addition, you need to look at where your current employees are spending most of their time. Are they tied up in process driven admin or are they working on strategic tasks that are aligned to the business objectives? That is, are they combing through alert logs and updating policies or are they being productive in supporting the tech function?
2. Review your current tech stack
Once you have mapped out the gaps from a people perspective, the next step is to cross-reference your employee resource against your tech stack. Within those mundane, time-consuming and process driven areas, what tools do you have in place? Do you have specialised tools that are contributing to your tech stack bloating? The more specialised tools you have in place, the more skills you need to support them. Also ask yourself how much overlap in tooling you have and where you can cut back. It is important to be really clear at this stage about which tools are putting a strain on employee resources and which are alleviating that strain.
3. Assess the technology landscape
The next step is to assess the broad technology landscape and identify where you might be able to find new solutions to alleviate the strain on employee resource, likely through automation or reducing the need for specialised skills. The technology landscape evolves so quickly that there are almost certainly new tools available now that weren’t developed two to three years ago. It is important not to be deterred by tech that may have been in its infancy last time you reviewed it. Technology such as artificial intelligence (AI) and machine learning (ML) has come on leaps and bounds in recent years so what you may have dismissed previously as unsuitable could serve you well now.
Also, consider how you view vendors that have served you previously. If you have legacy tools in place, are you married to those vendors out of habit or because they are right for your business? For example, niche tools addressing a single use case such as compliance, container security or physical firewalls could have been the best solution at the time but now demand specialised skills that you’re unable to find.
Review the landscape and select tools that will streamline your operations and simplify the day-to-day requirements from your team. Consider tools that have been built from the ground up to serve a particular purpose, rather than those cobbled together as add-ons to existing products.
4. Lean on others to operationalise
Once you have decided on what technology can help you fill your skills gap by streamlining your processes and manual requirements, then it is time for ‘operationalisation’ of that technology. Planning how you’re going to implement and use the technology will define how successful it is as you won’t see the full benefits of any tech if you don’t implement it correctly.
Operationalisation often requires specialised skills across current in demand areas such as security information and event management (SIEM) and data, vulnerability assessment and management, and workload and container management. It is unlikely you have these specialised skills within your team, in which case it will be imperative to work with partners with corresponding expertise and investment. The correct partner will help you establish the new technology and tune it so it’s working optimally for you to manage on an ongoing basis.
5. Measure, review and go again
It is imperative you are measuring the success of your new technology. Most vendors should be able to provide projected savings before implementation and ROI on labour and process saving once operational. If they can’t, reassess the technology.
The technology landscape is continually evolving and so is your tech stack and the skills you have within your team. If vendors are not delivering or a tool becomes too hard to manage due to a skills gap, then it’s important to reassess. For maximum success and operational efficiency, repeat all five steps regularly.