Cyber security brain drain: the silent killer


It is well known that organisations today are facing an unprecedented number of cyber threats.

From DDoS to ransomware, from phishing attacks to malware, the list of possible attack vectors is seemingly endless.

However, there is one threat that organisations face which is quietly and stealthily eroding their defenses.

What’s worse, this threat cannot be detected by any enterprise security product, yet it presents a very real long-term risk to these organisations: the cybersecurity brain drain.

The Information Systems Security Association (ISSA) and analyst firm ESG recently released a report which revealed that nearly half (46%) of businesses surveyed have a ‘problematic shortage of cybersecurity skills’, while nearly half of security professionals said they are approached for other jobs at least once a week!

Moreover, 65% of security professionals ‘struggle to define their career paths’ due to poorly-defined training and development processes, and the lack of a career map in cyber security, among other factors.

The cyber threat landscape is changing so rapidly that security professionals legitimately fear becoming deskilled: 56% of respondents said that their current employer simply doesn’t deliver the right levels of training to keep up with new risks, threats and security products.

Boredom damaging long term security

The findings follow on from AlgoSec’s 2016 ‘State of Automation in Security’ report which highlighted another key factor that’s contributing to the brain drain.

It showed that skilled security staff are spending much of their valuable time ‘keeping the lights on’ – manually maintaining and making changes to existing systems, trawling through endless security alert logs, and making device configuration changes – to plug security holes and keep things running smoothly.

Not only is this type of repetitive, manual work unrewarding and boring, leading to staff dissatisfaction, it’s also counterproductive.

As our survey showed, manual security changes often resulted in outages and security breaches.

Furthermore, this menial work left staff without enough time to focus on more strategic business issues.

The net result is that security staff turnover rates are high, leaving organisations struggling to fill the gaps when key personnel leave, and hindering their ability to build comprehensive, long-term cybersecurity strategies to protect and enable their businesses.

Addressing the problems with automation

So what can be done?

Clearly, organisations have a responsibility to improve their IT security training and staff retention programs – in particular to attract talented junior staff.

But of course, these measures cannot be implemented overnight – they take time and resources.

More than half our survey respondents believed that automating security processes could replace many of the repetitive, mundane tasks, such as managing security changes and preparing for regulatory audits.

In addition to freeing up staff to focus on more strategic initiatives, automation significantly speeds up these processes and reduces the number of mistakes made.

Not only that: by proactively assessing the risk of each and every change, automation helps organisations remain continually compliant (something more and more auditors are now demanding) and improve their overall security posture.

And, as an added bonus, automation solutions track and document everything, thereby reducing the reliance on the team veterans who may or may not remember this information.

Turning security into a strategic asset

But automation can do much more than simply help security staff with the day-to-day management of their security processes.

It can also play a critical role in strategic business and security projects.

For example, when migrating business applications to the cloud, security automation solutions can identify and map application connectivity prior to the migration – a task that’s typically extremely manual, slow and costly.

Automation gives the security team the information they need to correctly migrate and configure business application connectivity in the cloud quickly and securely – without risking an outage or creating security holes.

And assuming it supports a multi-vendor and multi-platform environment, automation removes the need to have domain experts for each specific security vendor’s products and platforms deployed across the enterprise network.

In addition, it enables the security team to manage the entire environment holistically – which eliminates blind spots and improves the organisation’s overall security posture.

Augmenting, not replacing

While automation clearly delivers many security and business benefits, it is not about replacing skilled staff with technology.

Rather, automation is about giving security staff the opportunity to fully utilise and advance their skills.

An experienced, qualified security team is a huge asset to the organisation – especially now – so they really shouldn’t be spending their time manually sifting through logs or tweaking firewall rules, when they could be actively developing your overall security strategy to counter the next generation of cyber threats.


Sourced by Joanne Godfrey at AlgoSec

Nick Ismail

Nick Ismail is a former editor for Information Age (from 2018 to 2022) before moving on to become Global Head of Brand Journalism at HCLTech. He has a particular interest in smart technologies, AI and...