There is much discussion on the global shortage of information security professionals with some estimates topping out at over a million jobs in 2016 alone, and others claiming even double that by 2017. The media has even taken a lighter-side look at the problem with cartoons like John Klossner’s of Federal Computer Week:
The Obama administration made reference to the issue in Tuesday’s announcement of the Cybersecurity National Action Plan which includes initiatives to better prepare college students for cybersecurity careers.
Knowing you have a problem is important, but we also wondered about the scope. We engaged Jon Oltsik at ESG for a research project on Security Automation & Orchestration. Not surprisingly, the results made reference to the skills shortage.
(I’ll share a few interesting stats from the report today. You can also pre-register for a full copy. ETA is before RSAC.)
We asked 125 Information Security Professionals at large enterprises in North America thirty-seven questions. All have invested significantly in information security solutions to the point of having dozens of point products and a suffocating volume of security events from attacks that are more advanced than ever. Most are simply at a loss as to what to do next.
In the study, nearly 75% of the group agreed that security events/alerts are simply ignored because their teams can’t keep up with the volume. More than 50% of this group said they are ignoring as much as 75% of their alerts.
We simply can’t hire security talent fast enough to address the problem with brute force, and the staff we do have are constantly being poached for other opportunities. While Obama’s Cybersecurity National Action Plan will eventually help to offset the problem, it still leaves a gap until those students can be trained.
In our study, more than 70% of the group said the average employee with IR responsibilities has at least 10 years of experience (see chart below). Educational programs are certainly needed, but are really only effective when paired with real world experience.
At Phantom, we think Security Automation & Orchestration is the force multiplier needed to marshal the full power of your security investment towards solving problems like the talent shortage.
Enterprise security resources are stretched to the breaking point as attacks test your ability to respond. Phantom helps security operations reduce time to detect and respond through automation. Ranging from simple automation to fully autonomous response, Phantom lets you choose the best balance that fits your organization’s needs while increasing security and accelerating the entire incident response lifecycle. Faster triage, investigation, and recovery, combined with granular control of assets, ensures security at machine speed while maintaining continuity and control.
Interested in seeing how Phantom can help your organization? Get the free Phantom Community Edition, attend one of our Tech Sessions to see Phantom in action, or simply read read more about Phantom here.
Have you joined our $10,000 Playbook & App Challenge? Read more here.
The ESG Report is full of interesting insights on the skills shortage and other factors that demonstrate the need for a change. Be sure to pre-register for a full copy when it’s published in a few weeks.
VP, Field Operations
Phantom automates enterprise security operations. In the face of problematic trends including the dramatic increase and volume of attacks, severe shortages in qualified personnel, growth in the diversity and complexity of IT security environments and unforgiving consumers, investors and regulators holding management to task for breaches, Phantom arms security operations with the automation and orchestration solutions that ready them to defend their company’s business.
Visit TryPhantom.com to register for Phantom Community Edition, a free version of Phantom.