Optiv Security and Momentum Cyber White Paper addresses cyber security skills shortage

Optiv Security and Momentum Cyber have published a joint White Paper entitled ‘E is for Efficiency’ which focuses on the five key trends and technologies that could “dramatically reduce” the impact of the cyber security skills shortage by creating much greater efficiency in enterprise security programs.

The White Paper details the state of the cyber security skills shortage, which is projected to hit 1.8 million jobs by 2022. ‘E is for Efficiency’ then defines the five key technologies and trends in security that promise to lessen or even eradicate this problem.

Machine Learning

Prior to machine learning, security was significantly more manpower intensive, relying on people and their knowledge to detect, investigate, report and remediate, with a large percentage of the actions taken by security teams being repetitive.

The skills shortage, combined with the ever-increasing need for organisations to achieve efficiency, necessitates new technologies to accelerate time to detection, response and recovery. By strategically implementing machine learning to those areas where it will save time and improve effectiveness, enterprises can eliminate wasteful triage processes that rely on analysts sifting through piles of data and alerts to find actual threats.

According to the White Paper, machine learning also provides organisations with actionable intelligence to streamline workload and workflow processes.

Platform Consolidation

Several security vendors have been building out security platforms through technology acquisition and new feature development. These integrated platforms provide interconnected functionality, which enables consolidated management that’s far more efficient than managing disparate point tools.

Security Integration

Having multiple security tools generating data and alerts can create a cacophony of useless ‘noise’ in a security organisation. By integrating tools, organisations can dramatically speed up detection and response.

For example, if an endpoint tool detects an infected laptop, it can trigger changes to firewalls to block the malware from communicating with its Command and Control host.

However, while most tools have APIs for integration, they’re often limited. That being so, security professionals should factor API quality into their buying decisions when procuring security tools, since they are critical to creating a truly integrated security stack.

Automation and Orchestration

Security automation and orchestration accelerates the movement of data between tools for the purposes of threat prioritisation, response amplification, labour reduction and consistent workflow. This sector of security has seen massive investment and adoption due to its promise to relieve security personnel of routine manual labour and implement effective workflows.

Continuous Security Validation

Once these integration, consolidation and automation strategies are in place, enterprises must have systems to test that their security controls are properly configured over the course of time, even as network changes are made. Continuous security validation tools automate and speed the process of identifying misconfigured security tools and network devices.

When combined, these five trends and technologies eliminate enormous amounts of manual labour, while improving overall security posture through the reduction of human error, the more effective use of on-staff expertise and the use of continuous security validation.

By automating manual tasks, they also relieve enterprises and service providers from the requirement of continually hiring more security professionals to manage an ever-growing infrastructure, thus curbing or even eliminating the impact of the cyber security skills shortage.

*Access copies of the new White Paper

About the Author
Brian Sims BA (Hons) Hon FSyI, Editor, Risk UK (Pro-Activ Publications) Beginning his career in professional journalism at The Builder Group in March 1992, Brian was appointed Editor of Security Management Today in November 2000 having spent eight years in engineering journalism across two titles: Building Services Journal and Light & Lighting. In 2005, Brian received the BSIA Chairman’s Award for Promoting The Security Industry and, a year later, the Skills for Security Special Award for an Outstanding Contribution to the Security Business Sector. In 2008, Brian was The Security Institute’s nomination for the Association of Security Consultants’ highly prestigious Imbert Prize and, in 2013, was a nominated finalist for the Institute's George van Schalkwyk Award. An Honorary Fellow of The Security Institute, Brian serves as a Judge for the BSIA’s Security Personnel of the Year Awards and the Securitas Good Customer Award. Between 2008 and 2014, Brian pioneered the use of digital media across the security sector, including webinars and Audio Shows. Brian’s actively involved in 50-plus security groups on LinkedIn and hosts the popular Risk UK Twitter site. Brian is a frequent speaker on the conference circuit. He has organised and chaired conference programmes for both IFSEC International and ASIS International and has been published in the national media. Brian was appointed Editor of Risk UK at Pro-Activ Publications in July 2014 and as Editor of The Paper (Pro-Activ Publications' dedicated business newspaper for security professionals) in September 2015. Brian was appointed Editor of Risk Xtra at Pro-Activ Publications in May 2018.

Related Posts