Creating the next generation of cybersecurity leaders
In today’s cybersecurity landscape, the value of good cybersecurity tools is undeniable. What is more valuable are the people behind the tools -- however, the amount of open cybersecurity positions worldwide is growing year over year. Currently, there are more than 300,000 open cybersecurity roles in the U.S. alone, but by 2021, Cybersecurity Ventures expects that number will reach 3.5 million.
This gap is felt by cybersecurity leaders; in fact, a recent study found that more than 70 percent of the cybersecurity decision makers agree that their organizations do not have the staff or necessary resources to monitor all cybersecurity threats that their organizations face. With the number of cybersecurity openings growing yearly and the sophistication and frequency of cyberattacks increasing, in order to build the cybersecurity leaders of tomorrow, business leaders must turn their attention to things that they can control: investing in the right solutions and their staff.
Investing in the Right Solutions
Not all solutions are created equal in this market; some solutions are better than others, but when it comes to selecting the right cybersecurity tools for your organization, you must select the ones that address your specific challenges. For example, there might be a specific challenge that only a handful of startups in the space address, so it doesn’t make sense to go with the vendor that solves half the problem. Though, too many solutions can also be a problem, as the security team becomes more inundated with security alerts to investigate.
In the never-ending battle against advanced cybersecurity threats and the growing skills gap, more organizations are investing in security orchestration, automation and response solutions, or SOAR solutions, to enhance their security teams. SOAR solutions integrate with existing security tools and threat intelligence sources providing a centralized view of the environment.
SOAR solutions give security teams the ability to leverage both a human and machine power to define, prioritize and drive standardized incident response activities according to a standard workflow. With these solutions in place, security teams have the ability to automate remediation processes for low threat incidences and more efficiently investigate potentially harmful incidences without causing employee burnout. This also enables security analysts to spend less time on mundane tasks, and more time developing their skills to be better equipped to manage the threats of tomorrow.
Lastly, budget is usually a problem for IT security teams, so selecting solutions that assist the team with measuring and reporting value is critical for today’s business leaders. In this era where security breaches are too common, it is important that business leaders and boards understand the value of their security team and the solutions they’ve invested in. Having the ability to produce reports just as your HR or finance teams would is critical to showcasing the ROI of security solutions.
Investing in Staff
It’s one thing to have the right solutions in place, but that doesn’t necessarily mean that the security analysts know how to use them. According to a recent survey, only half of organizations are training their staff how to use their tools, weakening their overall security posture. Once the solutions are implemented, it is critical that security teams are properly trained by the product manager at the respected vendor. This is the difference between a resilient organization and an organization that is just hoping for the best.
Think about it like driving a car: a car without human intervention does not do anything. Add a driver who’s never driven before, it’ll be a bumpy ride. Though, if the driver is taught how to drive by someone with more experience, they will be better prepared to drive on their own.
Another way that business leaders can invest in their cybersecurity staff is by offering mentorship programs. An American Society for Training and Development survey found that 75 percent of executives said mentoring was critical to their career development. Mentorship programs are key to ensuring that the cybersecurity leaders of the future are successful.
Mentorships accelerate skill development as mentors identify skills that the mentee should continue to develop, and opportunities to facilitate career growth. Mentors also help mentees feel more comfortable in the workplace and immerse them in the company culture promoting collaboration.
Creating the next generation of cybersecurity leaders starts by acting today. Business leaders must take the necessary steps to research and implement the correct cybersecurity solutions that address their specific needs, followed by taking the time to train staff on how to use those solutions. And lastly, implementing a mentorship program that continues skill development and career growth.
Adam Vincent is the CEO and a founder at ThreatConnect, Inc. He possesses over a decade of experience in programming, network security, penetration testing, cryptography design & cryptanalysis, identity and access control, and a detailed expertise in information security. The culmination of this knowledge has led to the company’s creation of ThreatConnect, the first-of-its-kind threat intelligence platform. He currently serves as an advisor to multiple security-focused organizations and has provided consultation to numerous businesses ranging from start-ups to governments, Fortune 500 organizations, and top financial institutions.