Can Automation Technology Narrow The Skills Gap Within IT Security?

Automation

We live in a world where you can boil the kettle from your bed and switch the heating on from the train home. You can link your lights to your alarm clock and have them wake you up like it’s sunrise and can even rely on your fridge to alert you to food that is reaching its expiry date.

There are certain technologies out there, and apps that you can download, that are helping us move towards a more centrally managed and automated home. For the more security conscious amongst us, a hyper connected home offers incredible functionality with immeasurable benefits. You can control your alarm system and smoke detector from your smartphone and be instantly alerted if any problems arise. These advancements are helping more and more of us run our daily, domestic lives more smoothly. But can we apply a similar logic to the workplace – in particular the fight against cybercrime – and create a more automated IT security department?

IT security professionals face enormous pressure to be the ‘eyes and ears’ of a business’ infrastructure at all times. “45% of people believe a lack of visibility of events happening across different systems and domains within a business impedes effective incident response rates” (Global Workforce Survey 2015). The industry skills gap could reach a 1.5 million person shortage by the year 2020, so organisations need to improve how IT security departments are supported. They must find ways to strengthen existing resources and, in turn, assist with the ongoing battle against cyber risk and protection.

One of the best methods to alleviate the pressure on IT security departments is to roll out an integrated approach. A central management system working together with a framework of intelligent security controls will monitor and report on security systems and processes in real time.

The benefits of such technology are immense. Leveraging this kind of technical capacity and combining it with the experience of the IT security professional should be paramount to an organisation’s overall strategy towards their threat defense lifecycle. In 2005, businesses reported an average of 25 cyber threats per day. Today, this number is closer to 500,000. It is outside actual human capacity to manually deal with this volume of breaches and be able to protect, detect and correct all of them. By automating certain aspects of the cycle, an organisation will create an all-round support system to help maximise staff resources. Alleviating the pressure IT security departments are under will allow them to focus on applying their expertise where it is really needed.

Inevitably, the rolling out of real time technology platforms and tools requires some initial investment. However, this doesn’t have to mean overhauling entire IT operations and investing millions in all the latest technology. It means finding ways of building on what you have and streamlining the processes that exist already, supplementing these to create a better, more integrated and intelligent system. The long term effect of these steps is to create an IT security department that, despite being short of resource and investment, can tackle cyber threat and security risk more quickly and effectively.

Anton Grashion

Anton is Director of Security Market Strategy EMEA for Intel Security and has over 20 years’ experience in the IT industry, spanning research, teaching, product development, product management, entrepreneurship, consultancy and IT management. For the past 16 years he has specialised in cybersecurity and how best to understand the rapidly changing landscape of threat, response and macroeconomic impact.