Date published: 2020-10-21

People and automation

The shortage of SecOps professionals still prevails. Automation can give a helping hand.

Can you guess what is considered the most important thing when it comes to strengthening the Security Systems for many industry sector’s managers?

The answer is not technologies, neither specific expertise nor audits, which are compulsory for certain organisations. According to research done by Flowmon Networks, QuBit Security, Synapsa Networks and SecTec, 117 respondents from multidisciplinary in Industry and Public Sector responded that the most urgent problem is not having enough Cybersecurity experts.

Talents and automation 1

This does not come as a surprise. The Cybersecurity sector has long suffered from expert shortages. However, the pandemic has increased the gap between the supply and demand.

The ‘wave’ investment to IT sector

The first reason is concerned with the rapid home office arrival, videoconference usage as well as other online activities including more intensive information search. All of these have contributed to a dynamic increase in hacking attacks and other criminal internet activities.

The digital world fraudsters have spotted an opportunity, which could only arise once in a lifetime. They have especially intensified massive phishing campaigns, ransomware and DDoS attacks and other activities. According to Harvey Nash and KPMG firms, around 4 200 IT Directors from around the world

The second reason is related to the massive investments into digitalization. In the spring wave, the organisations started buying technologies and IT services large-scale, to continue business as usual.

Many security experts had to help out with other tasks in their Departments as many organisations have spent their whole IT budget in this massive wave of technological investments.

A long-term gap

Those responsible for security found themselves under a lot of pressure. In 2019, a non-profit organisation (ICS)2 has estimated the shortage of IT security experts worldwide to be 2,8 mil. This year, according to (ICS)2, the gap between the supply and demand has increased to 4 million experts. In Europe, the estimated number is around 300 thousand.

Talents and automation 2

The consequence is that this year, for the first time in this decade, IT cyber security skills are among those in-upmost demand.

The cybersecurity experts can enjoy their increased skill value on the market. Unfortunately, only a few would be excited from the stress and overwhelming pressure while not having time to analyse all the security incidents and be concerned with the significant ones. The attackers gain valuable time in this way.

It won’t work without automation

Even when it comes to security incidents, time is money. From quick conjunction systems detection or data threat or following reaction depends on how much money will be spent on this incident. According to an analysis done by Cost of a Data Breach from IBM, the firms that use automated cybersecurity technologies could compromise the data twice more as the ones who have not deployed these measures.

Talents and automation 3
Source: IBM

The importance of technological tools has also been confirmed by the Accenture State of Cyber Resilience that has researched what the most cyber resistant organisations do differently.

Especially the reasons why they are able to detect and react to cyber threats quicker and more efficiently to go back to normal operation.

The studies have shown that leaders in cyber resistance rely on the security technologies spectrum, however they see the security tools with AI elements and systems for management and automation security incidents (SOAR) as the most important.

Last but not least, automation is important for team satisfaction, to create space for more important and innovative activities. Based on the research done by xMatters, in three quarters of organisations, the security experts spend at least half of their time looking into incidents. In addition, for the third of it is as high as 80%.