beat the cybersecurity talent shortage: how to use upskilling and analytics to bolster your team’s cybersecurity capabilities
Project Achtergrond
Cybercrime is never far from the headlines. It seems as though every few months, another security threat creates costly headaches for IT professionals everywhere. And those threats don’t come cheap, at least for the victims. The average cost of a breach is $8.7 million in the US and $3.86 million globally. Add in the many remote endpoints involved in today’s hybrid-work environment, and costs swell even higher.1 The losses aren’t just in the form of missed revenue from system downtime; they also include other, hard-to-quantify effects, such as increased customer turnover and the cost of working harder to acquire new business after suffering a damaged company reputation.1 If security breaches are a problem, the obvious answer is to hire more specialists to protect the organization. However, one of the greatest barriers to effective endpoint defense is a lack of skilled IT security personnel.2 In part, that is a market problem. There’s a distinct shortfall of cybersecurity professionals, lacking just over 3 million workers globally.3 However, despite increasing attacks and 85% of organizations reporting a shortage of cybersecurity skills,2 they are actually hiring fewer cybersecurity pros.3 You may want to hire more cybersecurity staff— but you can’t find experts you can afford.
Probleemstelling van het project
Cybersecurity skills are specialized, and not every computer science program devotes dedicated attention to imparting that knowledge. While IT education providers are working to close the cybersecurity skills gap, building a pipeline of new talent takes time. Cybercrime Magazine reports that in the US, only 3% of bachelor’s degree graduates have cybersecurity-related skills.7 James Hadley, founder and CEO of Immersive Labs, says more effort is needed to promote the variety of roles available.
Technologische innovaties
AI
Doelstelling van het project
“Most developed countries are spearheading a number of initiatives to increase the number of people that see cybersecurity as a career, starting with children in school,” Hadley says. “It’s not just about hacking. But because the industry is often depicted in this way, it’s difficult to get new people into the field, especially women. More needs to be done to remove the gender imbalance.” In the meantime, here are some practical options for organizations that know they need cybersecurity experts. Don’t overlook a natural source of talent: existing employees who can be strategically trained in hard-to-find skill sets such as cybersecurity. Look at the hidden potential of existing staff, then upskill them for new responsibilities. Organizations have a real opportunity to transition their people into cybersecurity roles, if they know where to look for talent. Hadley points out that academic background has little influence on an individual’s potential. “It’s qualities and attributes such as analytical thinking, problem-solving, troubleshooting, and perseverance that matter,” he explains. “If an individual has those attributes, they’re likely to excel in cybersecurity.” There are other advantages. Retraining personnel can fine-tune the instruction to the company’s particular needs. Employerpaid training also builds loyalty.8 It engages employees who aim to bolster their credentials, add new skills to their résumés, and improve potential earning power. Another way to empower existing IT teams— even those with less security-specific expertise—to fight cyberattacks is with comprehensive, always-on technology solutions. Let automation do what it’s good at, and permit humans to focus attention where it matters. Organizations that have deployed artificial intelligence, machine learning, and analytics in their security strategy experience far lower losses than those who have not yet deployed these technologies. The average cost of a breach at organizations with fully deployed security automation was $2.45 million, compared to $6.03 million at organizations with no security automation.1 It’s no wonder that up to 43% of organizations say they prefer these more advanced IT security solutions.2 Solutions that use centralized, cloud-based management let IT teams see and control what’s going on with device security, from the basics to more advanced metrics. Pairing always-vigilant protection with better data visualization through analytics makes it far easier for them to identify weaknesses, contain breaches, and get clear intelligence on the risks of outdated hardware and patches.
Technology Providers
HP