Partner Perspectives  Connecting marketers to our tech communities.
10:08 AM
Torry Campbell
Torry Campbell
Partner Perspectives

Looking Forward: A Skilled Security Talent Shortage Looms

The skilled security workforce crisis will continue for the foreseeable future, even as expert systems are deployed.

As we look forward, we can see a future where security operations are still hampered by a shortage of trained and experienced personnel. Even if our current efforts to encourage an increase in security training and enrollment in appropriate university programs work out, it will take more than four years for this new talent pool to begin having an impact on staffing threat operations teams. Moreover, threat actors are not going to back off until then and will continue to innovate and evolve their tactics, techniques, and procedures.

As a result of this continuing talent shortage, companies should try to figure out how to maximize their available resources and leverage emerging technologies. For example, expert systems, machine learning, and other technologies that augment human capabilities are promising developments, but they will take some time to mature into products or services that can reduce our dependence on human skill and judgment.

In the meantime, you still need resources with an understanding of both security technologies and your business. My recommendation is to develop skilled security resources from the existing talent pool inside your organization. Consider internal recruiting of experienced development, IT operations, or other technology specialists from within your organization and provide security training in an apprentice-style model. 

There are several advantages to including strong internal recruiting. These recruits will have a firm understanding of network, systems, and cloud technologies deployed in complex real-world operating environments. They will have a firm understanding of your business and the implication of security incidents. Successful candidates will have demonstrated effective critical thinking during troubleshooting and problem-resolution situations. All of these attributes give them a solid foundation for expanding into the security domain.

Educate Your Security Staff

An important corollary of the skills shortage is the need for continuing education for your in-house security and IT staff. The more specialized security defenses and services get, the easier it becomes to put blind faith in a black box. As your team learns to defend against emerging attacks and incorporate new defenses, look for ways to expand their technical and business knowledge. For instance, send them to Black Hat to learn about new exploit techniques. They also need opportunities to learn about new security technologies and services, whether from conferences, security vendors, or online courses.

Perhaps more important, your security and IT staffers need to continue to learn more about your business so they can identify critical risks, evaluate potential threats, and make quick decisions based on the big picture. For example, is your organization embracing DevOps, and is your security team involved?

Many of the most serious threats today are exploiting human vulnerabilities, not technological ones. Phishing, credential theft, social engineering, and other attack vectors leverage publicly-available knowledge of your industry and organization to get the first step inside. Greater knowledge of your business will help the security team identify the most likely threats more quickly and take proactive measures to protect the internal targets and detect the attack vectors.

Another outcome of the workforce crisis in security will be the development of new technologies and service offerings. While the biggest organizations may still try to staff all of their resources in-house, the need for specialization will result in pools of trusted and experienced people who are available on-demand. This requires further changes in education and operations, which I will explore in my next blog, “Preparing for Emerging Technologies.”

Torry Campbell is the Chief Technology Officer for Endpoint and Management technologies for Intel Security, formerly McAfee. From a decade at McAfee, he couples his security operations background with product management, development, and customer implementation experience to ... View Full Bio
Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
User Rank: Apprentice
5/23/2016 | 12:54:15 PM
Educated in Cybersecurity...but clearances impede progress...
Yes, there is a talent shortage with respect to Cyber-related needs; however, those individuals coming out of the educational pipeline will see that a large number of Cyber-repated positions require pre-existing/already-in-place security clearances. There needs to be pathways in place and/or available which allow un-cleared individuals to obtain clearance status so their skills can be utilized. I believe this is particularly important in the Cyber realm since the technologies are fast-changing/improving from both the attacker and defender positions - if an individual is forced to wait for an extended period of time before becoming cleared/employable, their skills and, ultimately, their ability to be utilized in a productive manner can be degraded.
Government Shutdown Brings Certificate Lapse Woes
Curtis Franklin Jr., Senior Editor at Dark Reading,  1/11/2019
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Current Issue
The Year in Security 2018
This Dark Reading Tech Digest explores the biggest news stories of 2018 that shaped the cybersecurity landscape.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2019-01-16
An issue was discovered in Joomla! before 3.9.2. Inadequate escaping in com_contact leads to a stored XSS vulnerability.
PUBLISHED: 2019-01-16
An issue was discovered in Joomla! before 3.9.2. Inadequate checks of the Global Configuration helpurl settings allowed stored XSS.
PUBLISHED: 2019-01-16
An issue was discovered in Joomla! before 3.9.2. Inadequate checks of the Global Configuration Text Filter settings allowed stored XSS.
PUBLISHED: 2019-01-16
An issue was discovered in Joomla! before 3.9.2. Inadequate escaping in mod_banners leads to a stored XSS vulnerability.
PUBLISHED: 2019-01-16
An issue was discovered in NTPsec before 1.1.3. Because of a bug in ctl_getitem, there is a stack-based buffer over-read in read_sysvars in ntp_control.c in ntpd.