Help Wanted: Cybersecurity professionals with a desire to help organizations keep pace with threats.
The above sentence could have appeared on countless job advertisements over the past decade, yet organizations still find it difficult to recruit and retain the skilled cybersecurity professionals they need.
The cybersecurity skills gap is not going away anytime soon. According to a 2021 survey of 489 security and IT professionals, 57% said the cybersecurity skills gap had impacted them. Of those impacted, 62% said it has led to increased workloads for existing staff, 38% cited unfilled open job requisitions, and 38% cited burnout and attrition among staff. The even worse news is that 95% of the survey respondents said the skills shortage and its resulting impact are either the same as a few years ago (51%) or have gotten worse (44%).
Those numbers are equal parts troubling and telling. Securing the hybrid environments that many organizations have shifted to has only gotten more difficult. Cloud adoption, remote workers, mobility, and a host of other technology trends are challenging the security capabilities of companies around the world. Layered on top of these challenges are innovations by attackers in the form of zero-days and new malware. It takes a mix of technology and best practices to fight these threats. But it also takes people, making it critical for organizations to find a way to bridge the cybersecurity skills gap.
For those organizations dealing with an expanding attack surface and an elevated risk of cyberattacks, increasing automation, machine learning, and artificial intelligence offer a solution. The more these capabilities are woven into your security defenses, the better. Organizations need to make faster, smarter decisions, and those decisions should be powered by contextualized and comprehensive threat intelligence. Having knowledge of how threat actors operate offers organizations an opportunity to create a proactive defense that can detect emerging and existing threats. Doing so, however, requires the ability to collect, correlate, and analyze threat intelligence and apply it to your security.
Organizations looking to handle that process manually are in for a challenge, and it’s happening more often than you may think. Fifty percent of security practitioners use 100+ manual searches and spreadsheets in their workflow. When it comes to threat intelligence, the prospect of a team of individuals manually searching the deep, dark, and surface web is not tenable. Threat intelligence can also come from other places, such as Information Sharing and Analysis Centers (ISACs) and both commercial and free intelligence feeds. It is simply too much ground to cover, and that is before considering the actual processing of the information being gathered. The shortage of skilled cybersecurity analysts exacerbates this situation. To fill this need, organizations need the ability to automate the collection, correlation, and propagation of intelligence information throughout their security infrastructure.
Automation is critical here, and the reasons are simple: it increases speed and reduces the workload by decreasing the number of tasks that need to be done manually. The more automated a threat intelligence approach is, the more time security analysts will have for other activities such as investigation and malware analysis.
A recent survey showed that 85% of security practitioners have received little or no training in OSINT techniques and risk prevention from their employer. Security teams need a threat intelligence and investigation platform like Media Sonar to reduce risk and complexity by consolidating information from a variety of sources. Our cloud-based platform features the ability to access data from 400+ public sources, identify vulnerabilities for your assets, investigate potential bad actors, and identify relationships and connections between persons of interest (POIs). In addition, we use Threat Models, a system that conducts rule-based searches across the Internet to identify potential risks. The feature allows organizations to define what they want to protect and what keywords and phrases are indicators of an attack. The flexibility of Threat Models allows security teams to better detect and investigate a variety of threats such as brand impersonations, insider threats, and supply chain attacks. All of this information is collected and displayed in graph form on a single screen. With Pathfinder, security teams can create a visual map that enables them to preserve their investigations and track the links between data from different cases.
Pathfinder is embedded in an action-oriented workflow designed to allow analysts to act quickly on any available information. By enabling organizations to identify the links between critical information such as user names and email addresses, Pathfinder can help open up new avenues of investigation and reduce the time analysts have to spend searching for the connections between data themselves.
As the cybersecurity skills gap continues to impact organizations, it will take the right mixture of people, processes, and technology to address the challenges posed by an increasingly complex threat landscape. While threat intelligence management is just one aspect of security, the ability to leverage that data effectively speeds up investigations and makes the process of detecting and responding to emerging and ongoing risks less burdensome for security teams. With the need outpacing the supply, every bit helps.