New Strategies Must be Put Into Action to Deal With the Imbalance of Cybersecurity Resources
Globally, two-thirds of organizations admit to a lack of cybersecurity expertise. ISACA predicts a 2 million cybersecurity worker shortfall by 2019. While this has created tremendous growth in cybersecurity training, the growth in attacks seems to always outpace our ability to defend. The cybersecurity community needs to identify where untapped resources exist in order to move beyond traditional industry practices and contend with this imbalance.
Strategy #1 – Recruit more women
“Women are globally underrepresented in the cybersecurity profession at 11%, much lower than the representation of women in the overall global workforce,” according to The 2017 Global Information Security Workforce Study: Women in Cybersecurity. This percentage is the same rate of participation as the 2013 report. We’re not going to close the shortfall in workers by ignoring half the population.
That’s why this summer’s recent news about Girl Scouts being able to earn cybersecurity badges in 2018 is so encouraging. Raising interest among young women to enter the cybersecurity profession is critical to expanding the availability of qualified security workers.
The Girl Scouts aren’t holding back either. This isn’t just an afternoon behind a keyboard, mindlessly typing in characters from a sheet of paper. There are a series of 18 badges planned, along with weekend-long hackathons.
These future professionals will enter a challenging workplace, though, if current conditions hold. While wage gaps for women in cybersecurity have narrowed to a range of 3-6% (dependent on the organizational level), an alarming 51% of women indicated that they experienced some form of discrimination, compared to 15% of men in the above Security Workforce Study. 28% of women indicated that their opinions aren’t valued. We’re going to have to do much better as an industry to improve work environments if we want to attract and retain talented women, and make a dent in the skills shortage.
Strategy #2 – Expand the use of security analytics
Analytics has been in use for fraud detection in the financial industry for decades, but the technology has only recently been employed in cybersecurity. There are two primary types of security analytics:
User Behavior Analytics (UBA) – detection of user behavior anomalies that can indicate a compromised or malicious account.
Network Analytics – used to identify infected hosts with malware that may or may not already be a known threat.
These security analytics types can be used to create actionable intelligence for front-line analysts. When the lack of resources presents a challenge, we must use technology to give the people we have greater advantages over attackers.
Often, front-line analysts are overwhelmed with alerts, which can be paralyzing. Analytics applied to SIEM technologies can provide analysts with starting points and remove some of the guesswork from the security investigation process.
For example, log data often provides the “what” and the “where,” but seldom the “who” during an investigation. But, it is critical to know which user(s) is exposed during a malware infection. Analytics can make searching for and finding the authenticated user for a particular event or incident simpler and faster.
Another way analytics can reduce the workload for frontline analysts is by adding context. Threat intelligence data joined to an event data set, and then modeled from a visualization perspective, can provide faster insight or even expose connections that aren’t obvious, which can accelerate the response to shut down an attack.
Whether we encourage the participation of young women in cybersecurity professions or improve the effectiveness of our existing personnel through security analytics or uncover another solution, we must do more, as an industry, to address the lack of cybersecurity expertise. Encourage the women you know, and if you’re in a position to mentor them, help them to achieve greater leadership opportunities, so that girls have more role models. Who knows, maybe one day a Girl Scout badge for security analytics will inspire someone to solve the security imbalance permanently.