As the enterprise architecture becomes more and more complex, the task of the Chief Security Information Officer (CISO) becomes overwhelming. CISOs have a tough time to find talented cybersecurity professionals to support their job. In an interesting article in VentureBeat, Nir Donitza and Gal Ringel wrote about the cybersecurity landscape of Israel in 2018, and what it might predict from the global cybersecurity. A few of their findings point to some interesting trends.
AI is often thought as the holy grail in cybersecurity as more and more tasks can be automated. It was interesting to see the conclusion that AI-based solutions are not yet ready for security operation and monitoring and that there is an increasing need to develop security operation centers (SOCs). Many CISOs and CTOs claim that key projects are not started or stopped because they are unable to find skilled workforce to execute the projects.
This trend faces a serious uphill battle due to the lack of qualified cybersecurity professionals being on the market, especially in security monitoring and incident response. According to Steve Morgan, CEO of Cybersecurity Ventures, there will be 1.5 million cybersecurity jobs open by 2019.
The cybersecurity talent gap became a frequently debated topic in popular media and also within the cybersecurity community
Recruiting the right cybersecurity professionals is becoming extremely difficult, and a study by ISACA and RSA revealed that most cybersecurity job applicants require extensive training to start their job.
There is a strong trend to outsource cybersecurity operations to managed security service providers (MSSP) including the SOC operation. This is reasonable in the light of the talent shortage. Personnel at MSSPs are qualified and their daily job is to do the monitoring. However, I argue that their visibility on corporate networks is always limited to the interface and communication between the enterprise and the service provider. Hence, the solution to only rely on the MSSP or outsourced SOC cannot work.
Security has to be part of the whole organization’s culture and it is increasingly important that the employees of the company are security-aware, no matter what they do. As discussed above, it becomes more and more relevant in the job training. The employees of the company are best suited to prevent, to discover and to monitor security issues in an enterprise network. More importantly, they are in the best position to build software and systems that include security elements.
Outsourcing security to external providers cannot solve the problem. Employees are the key to defend an organization, so the CISO must make it a priority to embed security into development and operation.