3 Strategies for Dealing With the Widening Cybersecurity Skills Gap

3 Strategies for Dealing With the Widening Cybersecurity Skills Gap

Many Security Operations Center (SOC) teams are under immense pressure! They’re facing many different challenges and while cybersecurity spending is increasing, investment isn’t always placed where it is needed most (and this is a contributing factor).

Creating and maintaining a top-performing SOC team takes time and money. The average cost for employing and maintaining an enterprise-level SOC is ~$2.86 million but a ‘highly effective’ one was closer to ~$3.5 million per year, according to a report by the Ponemon Insititute. 

Tool sprawl is another reason for this large growing number. The average enterprise has about 45 different security tools and solutions but past a certain point, adding too many tools to your technology stack leads to increased complexity, more manual tasks, and data that must be correlated among other things. This puts heavy pressure on security team members without centralized visibility or a clear understanding of what to prioritize. This results in skilled professionals struggling with high-stress levels which in turn leads to excessive job turnover, leaving security professional positions in high demand and short supply.

Organizations should do the following three things to combat the widening skills gap:

  1. Introduce automation to replace common and repetitive manual tasks
  2. Increase awareness and context to improve speed and accuracy of incident response
  3. Improve processes and document SOC effectiveness to help teams understand their impact.

Business and security leaders are aware that they are challenged by a critical shortage of skilled cybersecurity professionals. Given the volume and sophistication of recent attacks on governments and critical infrastructures, it’s no surprise that there is a large focus on the skills gap. By introducing a Security Orchestration, Automation, and Response (SOAR) platform, a SOC team can quickly set up automations that replace manual labor – saving Analysts’ time and resources. Then focus on providing the correct solution for increasing awareness with a Threat Intelligence Platform (TIP) to understand deeper context and improve incident response. And lastly, helping security team members be more effective and visually see their actual impact is vital to increasing job satisfaction and retention rates. 

By focusing on the needs of security professionals, an organization can address the widening skills gap and combat it by raising satisfaction and retention rates. This will drastically change and enhance your security team’s effectiveness and ability to secure and protect the business.

Equip your security team with the correct tools, support, and automation for higher job satisfaction, lower turnover, and overall more effective cybersecurity protection.

DJ Goldsworthy
About the Author
DJ Goldsworthy

DJ Goldsworthy, CISM, CISSP, CRISC, SSCP, is Vice President and Global Practice Lead, Security Operations and Vulnerability Management at Aflac. He is responsible for driving the strategy for security operations, incident response, threat management, vulnerability management, security administration, application security and security engineering with a focus on global security practices, which include a Red Team based in Northern Ireland and the US, a global SOC operating in the US and Japan, and award winning Threat Intelligence and Enterprise Vulnerability Management programs. For the past two years, Goldsworthy has been focused on securing digital transformation efforts centered on public cloud, DevSecOps and modern adaptive security architectures.