Optiv Security and Momentum Cyber have published a new white paper entitled "E is for Efficiency," which discusses the five key trends and technologies that could dramatically reduce the impact of the cyber security skills shortage by creating much greater efficiency in enterprise security programs.
The paper details the state of the cyber security skills shortage, which is projected to hit 1.8 million jobs by 2022. "E is for Efficiency" then defines the five key technologies and trends in security that promise to lessen or even eradicate this problem:
- Machine Learning: Prior to machine learning, security was significantly more manpower-intensive, relying on people and their knowledge to detect, investigate, report and remediate, with a large percentage of the actions taken by security teams being repetitive. The skills shortage, combined with the ever-increasing need for organisations to achieve efficiency, necessitates new technologies to accelerate time to detection, response and recovery. By strategically applying machine learning to areas where it will save time and improve effectiveness, enterprises can eliminate wasteful triage processes that rely on analysts sifting through piles of data and alerts to find actual threats. Machine learning also provides organisations with actionable intelligence to streamline workload and workflow processes.
- Platform Consolidation: Several security vendors have been building out security platforms through technology acquisition and new feature development. These integrated platforms provide interconnected functionality, which enables consolidated management that is far more efficient than managing disparate point tools.
- Security Integration: Having multiple security tools generating data and alerts can create a cacophony of useless "noise" in a security organisation. By integrating tools, organisations can dramatically speed up detection and response. For example, if an endpoint tool detects an infected laptop, it can trigger changes to firewalls to block the malware from communicating with its command-and-control host. However, while most tools have APIs for integration, those APIs are often limited, so security pros should factor API quality into their buying decisions when procuring security tools, since APIs are critical to creating a truly integrated security stack.
- Automation and Orchestration: Security automation and orchestration accelerate the movement of data between tools for the purposes of threat prioritisation, response amplification, labour reduction and consistent workflow. This sector of security has seen massive investment and adoption, due to its promise to relieve security personnel of routine manual labour and to implement effective workflows.
- Continuous Security Validation: Once these integration, consolidation and automation strategies are in place, enterprises must have systems to test that their security controls are properly configured over the course of time, even as network changes are made. Continuous security validation tools automate and speed the process of identifying misconfigured security tools and network devices.
When combined, these five trends and technologies eliminate enormous amounts of manual labour while improving overall security posture, through the reduction of human error, more effective use of on-staff expertise, and the use of continuous security validation. By automating manual tasks, they also relieve enterprises and service providers from the requirement of continually hiring more security professionals to manage an ever-growing infrastructure, thus curbing or even eliminating the impact of the cyber security skills shortage.