CISOs who reduce or close their critical IT departments’ skills gaps have the highest probability of minimizing the business impact of cyberattacks – even when budgets and staffing are constrained, according to a SANS Institute study.
With the exception of very small businesses and government institutions, turnover and attrition rates for cybersecurity staff is at or below industry averages, according to the SANS report titled “Closing the Critical Skills Gap for Modern and Effective Security Operations Centers (SOCs)," to be released in a two-part webcast on July 29 and July 30.
However, security managers admit they tend to fall back on attrition as the reason for requesting staff increases, which reflects a lack of meaningful cybersecurity metrics at many organizations, SANS researchers said.
Survey respondents said security operational skills were the most needed, and cloud security skills were more sought after than network or endpoint security skills. Respondents also agreed that the most successful source of new cybersecurity employees was the company's existing internal IT staff. Yet hiring managers indicated they would rather see new hires with hands-on experience using common cybersecurity products – open-source tools, in particular.
While IT departments are sometimes understaffed, even at big enterprises, it’s not the headcount that matters, according to the data. Rather, it’s actual hands-on experience that moves the needle, says John Pescatore, survey author and SANS Director of Emerging Security Trends.
"This skills gap survey once again pointed out that despite all the headlines about a cybersecurity headcount shortage, it is really a skills gap – security people with hands-on experience with the top security tools and how to use them across hybrid cloud/on-premises systems are being hired for the skills, not just to add bodies," Pescatore notes. "By investing in training and tools skills as well as the maintenance of those skills, the increased productivity and reduced security staff attrition provides a huge return on investment."
The SANS Institute was established in 1989 as a cooperative research and education organization. Today, it is the world’s largest provider of cyber security training and certification to professionals in government and commercial institutions.