Security Talent Shortage


While CISOs and security teams have been doing their best to find creative solutions to the never-ending security talent shortage, the industry continues to struggle to meet current and future demand. A Cisco report pegged the number of unfilled cybersecurity jobs in 2019 at 1.5 million.

Nimmy Reichenberg, CMO at cyber security company Siemplify, says, “Many have hired IT professionals and set up training programs to provide them with cybersecurity skills, and while this stopgap approach provides some relief, it is in no way a silver bullet. The greatest challenge lies in hiring experienced security professionals, and those can’t be created overnight. You can’t just throw bodies at the problem – in the meantime, organizations need to jump at every opportunity to automate repetitive tasks and make their existing and scarce security teams more productive.”

Nowhere is the skills shortage more prevalent than inside the SOC (security operations center), where the increase in the volume of alerts requiring action far outpaces an organization’s ability to hire skilled analysts. Security Orchestration, Automation and Response (SOAR) solutions are gaining traction to help alleviate “alert fatigue” as they increase the efficiency of existing SOC analysts, helping security teams get more work done.

Below are a few ways security orchestration helps address the talent shortage:

  • Orchestration of disparate tools – When you break down the work of your typical SOC analyst, a lot of time is dedicated to “swivel chair integration”, such as copying and pasting results from one tool into another or switching between screens and tools. Security orchestration does more than integrate disparate tools in a single pane of glass (which of course saves precious time); it also eliminates a lot of the specialization that is required to run each security tool independently.
  • Automated playbooks – Scalable and repeatable processes for incident response and triage are vital to analyst productivity. Security orchestration lets teams automate the repetitive and manual tasks that are carried out in response to common IOCs.
  • Tribal knowledge capture – What’s worse than trying to hire a new analyst? Having your most experienced analyst leave, along with the wealth of knowledge he or she has accumulated over the years. Security orchestration playbooks put the wisdom of your most experienced analysts at the hands of everyone.
  • Faster analyst ramp-up – With a structured workbench for the SOC analyst, new hires can execute playbooks practically on day one, with step-by-step guidance on how to proceed with an investigation and clear escalation paths.
  • Self-documentation – Nobody “loves” documenting security incidents. Security orchestration allows security analysts to spend more time investigating and less time creating documentation and generating reports with built-in collaboration and case management.
  • Bottleneck identification – The best security orchestration platforms include powerful BI and reporting that let SOC managers identify bottlenecks and act to remediate them, further increasing analyst productivity.

1 comment

  1. Peter Tracers

    True, nowhere is the skills shortage more prevalent than inside the SOC (security operations center). Attackers are becoming more sophisticated and so are threats, which is why technology can sometimes be a double-edged sword according to Tony Granims, Cyber Security Strategist for Critical Strategies Group. William (Tony) Granims was working on many high-level black projects. Granims one of the nation's best contract hackers and the NSA was sweeping up an unprecedented amount of information but, because of its secret origins, was mostly unable to share with the CIA or FBI.