Is security automation the solution to cyber skills shortage?

Many analysts predicted security automation would be a top cyber security trend for 2018, and those forecasts have proven correct. The boom in demand for automation technology is hardly surprising; an ongoing shortage of skilled cyber professionals means businesses are looking at new ways to optimise security.

 

The cost of a breach – both in terms of financial losses and reputational damage – places incredible pressure on IT departments to keep ahead of cyber criminals. But does security automation hold the answer to the skills shortage?

 

Let’s examine the current state of the market, as well as the latest research into the challenges and opportunities of these solutions.

Security automation in 2018

One of the biggest problems facing cyber security professionals today is the deluge of alerts that threat detection technologies identify. There simply aren’t enough people to manually examine each problem, resulting in severe backlogs and delayed resolution.

 

Some organisations are instead focusing on security orchestration, automation and response (SOAR) tools to lessen the workload. These consolidate data, analyse information from traditional security information and event management (SIEM) sources, and automate the relevant responses.

 

Only one per cent of businesses that have security teams with more than five people used SOAR technologies in 2017. However, Gartner predicts this will climb to 15 per cent at the end of 2020.

 

By this time, fighting cyber crime will cost global organisations more than $6 trillion (£4.7 trillion) annually, according to Cybersecurity Ventures. The skills shortage will also have worsened, leaving 3.5 million cyber security jobs unfilled worldwide.

The benefits of security automation

Given the ever-present threat of cyber criminals, it’s no surprise that businesses are recognising the value of SOAR and other tools.

 

Respondents to a recent Juniper Networks study were asked to cite the biggest benefits of security automation. The three advantages mentioned by the highest proportion of industry experts were:

  • Increased productivity of security personnel (64 per cent);
  • Better correlation between identifying threat behaviour and the ability to address the volume of incidents (60 per cent); and
  • Simplified detection and response processes (54 per cent).

“The cyber crime landscape is incredibly vast, organised and automated – cyber criminals have deep pockets and no rules, so they set the bar,” said Amy James, director of security portfolio marketing at Juniper Networks.

 

“Organisations need to level the playing field. You simply cannot have manual security solutions and expect to successfully battle cyber criminals, much less get ahead of their next moves. Automation is crucial.”

The security automation Catch-22 

Investing in security automation would therefore seem a no-brainer for most businesses. The technology can help departments streamline incident response activities, which enables cyber professionals to spend more time on growth-oriented tasks.

 

Unfortunately, many organisations could find themselves in a Catch-22 situation. The implementation of SOAR and other automation technologies may help resolve cyber security skills shortages, but qualified professionals are needed to set up and maintain these systems in the first place.

 

Departments already spend most of their time putting out fires, leaving them few opportunities to build and develop comprehensive security automation processes.

 

Juniper Networks revealed only 35 per cent of organisations feel they have the in-house expertise to effectively use these technologies to respond to malicious threats. A further 57 per cent said they struggle to recruit people with the right knowledge and skills to roll out security automation.

 

Vendor sprawl is also an issue. Security environments typically comprise disparate technologies and multiple suppliers, creating significant complexities for organisations trying to achieve effective automation architectures.

Strengthening cyber security teams 

Automation is the future. But businesses may need to invest in cyber security skills now to ensure they can develop the technologies they need to protect organisations from evolving threats.

 

While automation can help reduce the workload on IT departments, whether it will help solve talent shortages is a more difficult question to answer. Organisations still require skilled cyber professionals to build and maintain automated security environments.

 

Nevertheless, security automation can at least free up your best people to concentrate on more value-added tasks than manual forensics. These added time and resources could prove essential in a world where cyber criminals always seem to be one step ahead of even the biggest brands.

 

Are you facing difficulties finding the right cyber security professionals? Would you like to discuss your recruitment strategy with a specialist recruiter? Please contact me on 020 7936 2601 or via email at sjd@barclaysimpson.com

 

Our Market Reports combine our review of the prevailing conditions in the security & resilience recruitment market with the results of our latest employer survey.

 

Image credit: metamorworks via iStock