Skip to main content

There's No Automating Your Way Out of Security Hiring Woes | -CyberLuC

There's No Automating Your Way Out of 


Security Hiring Woes-



Enterprises increasingly depend on security automation and orchestration to help them keep up with the growing volume of cyberthreats. But at the same time, backlash is growing against the vendor marketing trope that security automation is the answer to bridging the cybersecurity skills gap.
And those are just a sampling of the skills shortage metrics. There are plenty more where these came from.
According to a Dark Reading survey conducted earlier this year, just 45% of organizations report that their security teams are fully staffed, and only 33% say they're armed with the right mix of skills they need to meet the threats coming in the next year. More startlingly, 14% of those surveyed say there are plenty of skilled cybersecurity workers available to fill the ranks. Meantime, the latest Global Information Security Workforce Study from (ISC)2 says we'll be facing a shortfall of security workers of 1.8 million by 2022.
The reflexive answer from many in the industry is, "Well, let's just automate our way out of this problem!" But security leaders on the front line of enterprise defense are stepping forward with more frequency to poke holes in that simplistic solution. The latest evidence of this comes by way of a study out this week from Ponemon Institute and Juniper Networks. 

Not only are the incident response and risk mitigation tasks left behind by automation more likely to require a more skilled responder to deal with, but getting automation properly set up also is an issue. More than half of organizations say they're unable to recruit knowledgeable or skilled personnel to deploy their security automation tools. It also often requires a lot of in-the-field experience to identify and codify the processes to be automated within any given organization. And then there is the issue of integration. The study shows that 63% of organizations report difficulties integrating their security automation technology and tools with existing systems.
But at the same time, respondents' answers indicate that automation isn't going to solve the team-building problem. In fact, those hiring issues are making it difficult for many organizations to effectively leverage security automation. The study shows only 35% of organizations say their organizations have the in-house skills to effectively use security automation for responding to threats.  
"Automation will do anything but close the cybersecurity staffing gap," says Druva CISO Drew Nelson. "Apply automation to security, and you are in a catch-22. Any tasks that are automated are likely to be simple, with defined start and end points. Any 'remaining items' are going to be left over for the security staff to carry out. Arguably, these are going to be the more painful and arduous tasks that are repetitive in nature but require deep technical and domain knowledge."  Read More ---

Comments

  1. ICS Cyber SecurityJuly 24, 2018 at 7:04 AM

    Nice information... Thanks for sharing information on Security Automation. I found the details shared very helpful.

    ReplyDelete

Post a Comment

Popular posts from this blog

Top 5 Website Vulnerability Scanning Tools [New Listing 2018] -CyberLuC

Top 5 Website Vulnerability Scanning Tools [New Listing 2018] -CyberLuC This is why security testing of web applications is very important because In the past, many popular websites have been hacked. Hackers are now active and always try to hack websites and leak data.   And here comes the role of web application security scanners. Web Application Security Scanner is a software program which performs automatic black box testing on a web application and identifies security vulnerabilities. Scanners do not access the source code, they only perform functional testing and try to find security vulnerabilities. The moment our world went online and enterprises started conducting their businesses using websites, they became the primary targets for hackers. The situation worsened with the  emergence of Content Management System(s) (CMS)  – like WordPress, Joomla, Drupal etc., – which while offering an easy way to build (as well as customize) websites, left...
Post a Comment
Read more

Top 5 Most Popular and Best Cyber Forensics Tools | -CyberLuC

Top 5 Most Popular and Best Cyber Forensics Tools The art of Cyber forensic investigation is quite complex and requires rigorous precision in following every investigative step from Acquisition to Analysis & Reporting. Experts now face the need for dependable tools that help them to do so, from the beginning. Every investigation requires usage of multiple tools, dependence on a sole tool causes the investigation to lose its flexibility and makes it prone towards ambiguity.   Cyber forensic: As the title says, it is collecting evidence for investigation after an unwanted activity has occurred. Cyber/Computer Forensics is a department that comes under Digital Forensic Science for improving cyber security Here are top 5 cyber forensic tools preferred by specialists and investigators around the world. So what are the tools used by these professionals? Here’s a list of top 5 tools  used with a brief description and key features. #1)Pro Disc...
Post a Comment
Read more

2018’s Most Dangerous Cyber Threats| -CyberLuC

2018’s Most Dangero us Cyber Threats The year 2017 witnessed some of the biggest cyber attacks of all times. This includes WannaCry Cyber Attack propelled by North Korea targeting more than 250,000 computers worldwide, NotPetya cyber attack on companies operating in Ukraine & Russia and the much-publicized Equifax data breach which even led to the resignation of the CEO after data of more than 143 million US Citizens was found to be compromised. And according to Gartner, Information security spending is said to reach $86.4 billion by the end of 2017 and will probably cross the $110 billion mark by the end of next year. 2018 is a new year, and with it come newer, more advanced cyber threats. A growing set of efforts against individuals, businesses, and international security, cyber-attacks threaten systems and devices that people use every day, from smartphones to the websites you check before bed every night, to your work computer. Cyber threats have a variety of aim...
1 comment
Read more