Cyber security resource shortage increases
It is no secret that there is a massive shortage of cybersecurity talent globally. Hundreds of thousands of unfilled cybersecurity roles remain open in 2017. In the US there are 350,000 to be exact, and in 2018 this number will only continue to grow.
Outsourcing of security services expands
With the human talent shortage comes the issue of organisations not having enough in-house talent to effectively address security incidents and issues. Companies will continue to look to vendors and managed services providers to help manage and mitigate security incidents and challenges.
>See also: The Trojan horse: 2017 cyber security trends
Women in cyber security
According to recent research, only 11% of the world’s information security workforce are women. A number of organisations are dedicated to helping women succeed in cyber security, such as Women’s Society of Cyberjutsu (WSC). The lack of security talent also presents a massive opportunity in 2018 for women to enter the field to make up for the talent shortage currently seen in cybersecurity.
Automation and orchestration
Even organisations who do have skilled security talent in-house find it very challenging to decrease the mean time to detect and the mean time to remediate security incidents.
This is mainly due to the fact that communication workflows and extremely simple tasks slow things down. In 2018, expect more and more organisations to turn to security automation and orchestration tools to overhaul internal processes and augment lines of communication.
Social engineering tactics have been used successfully for decades to gain a way in the door with little technical effort and the tactic isn’t slowing down any time soon. Security resources often spend a massive amount of time dealing with incidents caused by human error.
According to research, the vast majority of these attacks involve people, and the only real way to address this problem is through education and awareness training. In 2018, look for companies to invest more time and effort in strengthening the first line of defense, people.
Focus on people
Whether it comes from social engineering or from an insider threat, the human attack surface will continue to reach new heights. There are currently 3.8 billion internet users as of 2017 and that number is expected to reach 6 billion by 2020.
In 2018, look for organisations to shift focus and look for solutions that focus on the people problem. To combat these threats, organisations have to put together a plan that outlines the processes that best align with protecting the business and uses the power of various technologies to detect insider threats, streamline the investigation process, prevent data loss, and effectively respond.