Dark Reading is part of the Informa Tech Division of Informa PLC

5/19/2016
10:08 AM
Torry Campbell
Partner Perspectives

Looking Forward: A Skilled Security Talent Shortage Looms

The skilled security workforce crisis will continue for the foreseeable future, even as expert systems are deployed.

As we look forward, we can see a future where security operations are still hampered by a shortage of trained and experienced personnel. Even if our current efforts to encourage an increase in security training and enrollment in appropriate university programs work out, it will take more than four years for this new talent pool to begin having an impact on staffing threat operations teams. Moreover, threat actors are not going to back off until then and will continue to innovate and evolve their tactics, techniques, and procedures.

As a result of this continuing talent shortage, companies should try to figure out how to maximize their available resources and leverage emerging technologies. For example, expert systems, machine learning, and other technologies that augment human capabilities are promising developments, but they will take some time to mature into products or services that can reduce our dependence on human skill and judgment.

In the meantime, you still need resources with an understanding of both security technologies and your business. My recommendation is to develop skilled security resources from the existing talent pool inside your organization. Consider internal recruiting of experienced development, IT operations, or other technology specialists from within your organization and provide security training in an apprentice-style model. 

There are several advantages to strong internal recruiting. These recruits will have a firm understanding of network, systems, and cloud technologies deployed in complex real-world operating environments. They will have a firm understanding of your business and the implications of security incidents. Successful candidates will have demonstrated effective critical thinking during troubleshooting and problem-resolution situations. All of these attributes give them a solid foundation for expanding into the security domain.

Educate Your Security Staff

An important corollary of the skills shortage is the need for continuing education for your in-house security and IT staff. The more specialized security defenses and services get, the easier it becomes to put blind faith in a black box. As your team learns to defend against emerging attacks and incorporate new defenses, look for ways to expand their technical and business knowledge. For instance, send them to Black Hat to learn about new exploit techniques. They also need opportunities to learn about new security technologies and services, whether from conferences, security vendors, or online courses.

Perhaps more important, your security and IT staffers need to continue to learn more about your business so they can identify critical risks, evaluate potential threats, and make quick decisions based on the big picture. For example, is your organization embracing DevOps, and is your security team involved?

Many of the most serious threats today are exploiting human vulnerabilities, not technological ones. Phishing, credential theft, social engineering, and other attack vectors leverage publicly available knowledge of your industry and organization to get the first step inside. Greater knowledge of your business will help the security team identify the most likely threats more quickly and take proactive measures to protect the internal targets and detect the attack vectors.

Another outcome of the workforce crisis in security will be the development of new technologies and service offerings. While the biggest organizations may still try to staff all of their resources in-house, the need for specialization will result in pools of trusted and experienced people who are available on demand. This requires further changes in education and operations, which I will explore in my next blog, “Preparing for Emerging Technologies.”

Torry Campbell is the Chief Technology Officer for Endpoint and Management technologies for Intel Security, formerly McAfee. From a decade at McAfee, he couples his security operations background with product management, development, and customer implementation experience to ...
Comments
mbp47252dr,
User Rank: Apprentice
5/23/2016 | 12:54:15 PM
Educated in Cybersecurity...but clearances impede progress...
Yes, there is a talent shortage with respect to Cyber-related needs; however, those individuals coming out of the educational pipeline will see that a large number of Cyber-related positions require pre-existing/already-in-place security clearances. There need to be pathways in place and/or available which allow un-cleared individuals to obtain clearance status so their skills can be utilized. I believe this is particularly important in the Cyber realm since the technologies are fast-changing/improving from both the attacker and defender positions - if an individual is forced to wait for an extended period of time before becoming cleared/employable, their skills and, ultimately, their ability to be utilized in a productive manner can be degraded.