The shortage of skills is one of the biggest current challenges facing the cyber security community. Tools and services are widely available to organizations, though few people are qualified to perform the tasks needed in order for cyber security teams to excel.
A report by the Information Systems Security Association (ISSA), a community of global cyber security professionals, and independent industry analyst firm Enterprise Strategy Group (ESG), showed that the gap in skill capability has increased in the last few years. The survey consisted of 327 security and IT professionals worldwide uncovering that the skills crisis has continued to worsen for the fourth year in a row.
Among the biggest impacts of the skills shortage for organizations are increasing workloads, unfilled job requisitions, and the inability to learn or use cyber security technologies. Amid the major talent shortage, many CISOs are deploying security analytics and threat intelligence services, which can help them deal with the threats they’re facing. In the meantime, however, efforts are underway to help address the challenge.
Fullstack Cyber Advisory Board goals and challenges
For example, technology education provider Fullstack Academy and cyber security-focused non-profit Security Advisor Alliance recently launched a partnership and the formation of the Fullstack Cyber Advisory Board. The board consists of senior professionals from Fullstack Academy, Security Advisor Alliance, and leading organizations across the largest companies in the U.S., spanning multiple industries.
The board will focus on advancing Fullstack’s cyber security curriculum to uniquely qualify graduates for entry-level cyber security jobs, building the technical and soft skills employers are looking for in today’s evolving landscape. Business insights recently interviewed Gary Latham, CEO of the Security Advisor Alliance, to get his thoughts on the partnership and advisory board and their challenges and goals.
Latham: Mitigating cybercrime and contending with nation state attacks are certainly top of mind for our industry. As attacks become more common and sophisticated, they can have a much larger impact than just personal security. They can also affect global economies considerably. To address this challenge, we must narrow the skills gap by finding and attracting skilled individuals to enter the profession at all levels, but especially at the entry-level where younger professionals can learn, grow, and provide the industry with sustainability and longevity.
What is the significance of the recent
Latham: The curriculum begins by teaching the foundations and essentials of cyber security, covering topics such as AWS basics; computing, networking, and security concepts; and basic cryptography. Students then learn and experience both sides of the cyber security industry, participating in Red Team and Blue Team lessons and exercises. Finally, students will work on building their own enterprise-level environment with Security Operation Center on AWS. They will learn how to build, monitor, attack, and defend their own enterprise-level network.
How a business can address the skills gap right now
With ransomware and other security issues constantly proving a danger to business owners, IT leaders are starting to understand how to better distribute their tight cybersecurity budgets and limited headcount. The most sought-after technologies aimed at filling the skills gap currently include next-generation firewalls and threat intelligence platforms and services. Threat Intelligence can easily recognize threat actors as well as tactical indicators (a process called trailing). While not equivalent to network intrusion detection systems (NIDS) or other ready-made security solutions (including antivirus software), threat intelligence can be used as a complementary solution, as it doesn’t just recognize patterns. No matter the scope of threat intelligence, its final objective is the same: to help companies understand and provide predictive remedies for the kind of threats that typical security procedures can’t cover.
Learn more about how threat intelligence is shrinking the cybersecurity gap.