Bridging the security resource gap

By February 22, 2019 No Comments

As companies face the challenge of combatting an expanding threat surface with a lack of internal resources, Soteryan’s CEO, Patrick Hart, looks at the role in-house and strategic partners will play in the future of this battle.

Companies face an uncomfortable combination of issues when it comes to managing their security. Firstly, many are not adequately prepared to deal with any specific breach, even more worryingly when breaches do occur they are more often than not the result of non-sophisticated attacks that could easily have been mitigated. Secondly, while the technologies and controls already exist to help them mitigate these problems, companies often don’t have the resources to access or  implement them.

So how do we go about bridging this gap in the short term and ultimately solving it for the future? The answer lies in layers of support. Much like we need to build a layered defence against cyber-attacks we also need to build a layered solution to our resource issues. These can be broken down into three categories:

1)  Building a strong in-house team

It is critical to build a strong in-house team that is capable of implementing your security strategy; one that can be part of the trusted central nervous system of your defences. People inside an organisation will know the threats better than anyone else, because of their daily first-hand knowledge of the business. However, the issue here for CISOs is that there is

currently a lack of skilled resources within the security sector. Most companies could start by tighten internal talent requisition, identify areas of weakness, develop strong hiring briefs, ensure HR management keep interviewing potential talent

It can be hard to build a complete team of qualified people around you; so focusing on having a smaller number of in-house security specialists make sense. This can be supplemented by training others within the IT team to support the data security side – Though training is often one of the first cuts when budgets are tightened – the arrival of GDPR now means that increasingly security is everybody’s concern within the organisation so educating your team and others has become critical.

Some managers even have concerns around training, there’s a well-known business tale that highlights the need to do this. A CFO and CEO are discussing whether they should train their staff, the CFO says, “What if we train our employees and they leave?” To which the CEO replies “What if we don’t train them and they stay?”.

2)  Finding trusted partners

However important a strong in-house team is, the speed at which the threat landscape continues to grow, and the variety of attacks being used means that outside input from subject-matter specialists is also invaluable. On top of this, if your in-house team builds your in-house systems and processes and the architect leaves you can end with a serious knowledge gap. This can be an impediment to your cyber security strategy, particularly if you have invested hundreds of thousands into creating a security operation center and

you lose one or all of the key architects. Suddenly there’s no knowledge available on how to maintain, innovate and keep the operations center up to date.

This is why it’s essential that your internal team works with external guidance from a trusted partner, one which has a heritage in the cybersecurity sector and whose ethos and abilities reflect the needs and ambitions of your business.

A key thing to remember with external partners is that they will often help you to view your organisation in a different light. They will also know more about how the outside world see’s the company than its own executive management. These subject matter experts and strategist will work with you and your in-house team to pinpoint the areas where you need support and find the very best possible solutions on the market to help you solve your challenges. The right team will come with an array of relevant skills and sector knowledge, honed over many years and across many different clients and areas. This level of experience is usually prohibitively expensive to have in an in-house team on a day-to-day basis.

3)  Work with the best vendors available to you

In addition, as cyber is such a broad and often complex area, companies will need a mix of different partners – both large and small – in order to maintain and innovate technologies, to apply controls and to implement standardisation. For strategy, implementation and customisation of their environments the boutique-sized partners are often best as they are able to get more intimate with the company and work as a trusted partner. But the big company partners and vendors are also critical to this equation – they come into their own with development of large-scale enterprise projects, alongside support and standardisation.

So, the immediate answer to the challenge of filling the security resource gap is that companies need more partners that are subject matter experts to help them develop and implement their strategies supported by the best solutions on the market. Longer term the industry will need greater investment across the board to fight the coming scale of threats.