Optiv Security and Momentum Cyber White Paper Defines the Five Trends and Technologies that will Relieve the Cyber Security Skills Shortage
Optiv Security/Momentum Cyber White Paper Defines the Five Trends and Technologies that will Relieve the Cyber Security Skills Shortage
Optiv Security and Momentum Cyber have published a new white paper entitled “E is for Efficiency,” which discusses the five key trends and technologies that will dramatically reduce the impact of the cyber security skills shortage by creating much greater efficiency in enterprise security programs. The paper details the state of the cyber security skills shortage, which is projected to hit 1.8 million jobs by 2022. “E is for Efficiency” then defines the five key technologies and trends in security that promise to lessen or even eradicate this problem:
- Machine Learning: Prior to Machine Learning, security was significantly more manpower intensive, relying on people and their knowledge to detect, investigate, report and remediate, with a large percentage of the actions taken by security teams being repetitive. The skills shortage, combined with the ever-increasing need for organizations to achieve efficiency, necessitates new technologies to accelerate time to detection, response and recovery. By strategically implementing machine learning to areas where it will save time and improve effectiveness, enterprises can eliminate wasteful triage processes that rely on analysts sifting through piles of data and alerts to find actual threats. Machine Learning also provides organizations with actionable intelligence to streamline workload and workflow processes.
- Platform Consolidation: Several security vendors have been building out security platforms through technology acquisition and new feature development. These integrated platforms provide interconnected functionality, which enables consolidated management that is far more efficient than managing disparate point tools.
- Security Integration: Having multiple security tools generating data and alerts can create a cacophony of useless “noise” in a security organization. By integrating tools, organizations can dramatically speed detection and response. For example, if an endpoint tool detects an infected laptop, it can trigger changes to firewalls to block the malware from communicating with its command-and-control host. However, while most tools have APIs for integration, they often are limited – so security pros should factor API quality into their buying decisions when procuring security tools, since they are critical to creating a truly integrated security stack.
- Automation and Orchestration: Security automation and orchestration accelerates the movement of data between tools for the purposes of threat prioritization, response amplification, labor reduction and consistent workflow. This sector of security has seen massive investment and adoption, due to its promise to relieve security personnel of routine manual labor, and to implement effective workflows. Optiv’s researchers found a 96% reduction in the average time to triage an alert after implementing automated workflows.
- Continuous Security Validation: Once these integration, consolidation and automation strategies are in place, enterprises must have systems to test that their security controls are properly configured over the course of time, even as network changes are made. Continuous security validation tools automate and speed the process of identifying misconfigured security tools and network devices.
When combined, these five trends and technologies eliminate enormous amounts of manual labor while improving overall security posture, through the reduction of human error, more effective use of on-staff expertise, and the use of continuous security validation. By automating manual tasks, they also relieve enterprises and service providers from the requirement of continually hiring more security professionals to manage an ever-growing infrastructure, thus curbing or even eliminating the impact of the cyber security skills shortage.
If you are a member of the media interested in further analysis on any of the issues addressed in “E is for Efficiency,” please contact Jason Cook at Jason.Cook@optiv.com or (816) 701-3374 or Kim Hughes at Kim@blueshirtgroup.com of (415) 516-6187.
About Optiv Security
Optiv helps clients plan, build and run successful cyber security programs that achieve business objectives through our depth and breadth of cyber security offerings, extensive capabilities and proven expertise in cyber security strategy, managed security services, incident response, risk and compliance, security consulting, training and support, integration and architecture services, and security technology. Optiv maintains premium partnerships with more than 350 of the leading security technology manufacturers. For more information, visit www.optiv.com.