It's time to safeguard the financial sector: Navigate employee turnover to defend against escalating cyberattacks
It’s no secret that cybersecurity has a significant skills shortage. According to ISC2 research, the worldwide shortage is as high as 3.4 million cybersecurity workers. As a result, security professionals’ skills are in very high demand, making finding and retaining talent challenging. Swimlane’s own research shows that 82 percent of organizations report it takes three months or longer to fill a cybersecurity role, with 34 percent reporting it takes seven months or more.
The situation isn’t improving either. Some 70 percent of companies also report that it takes longer to fill a cybersecurity role now than it did two years ago. The challenge has led one-third (33 percent) of organizations to believe they will never have a fully-staffed security team with the proper skills, according to Swimlane’s survey
These shortages and high turnover rates have hit the financial sector particularly hard. Seventy-eight percent of respondents to the Swimlane survey who work in the financial services sector said security team turnover presents a risk to their organization. This challenge places an immense burden on security operations teams where persistent security events, network outages, and application downtime are placing a hefty financial and reputational toll on the business.
As the struggle to hire and retain talent continues, financial organizations must evaluate the effectiveness of their tools to mitigate risks more efficiently.
A prime target
Before exploring methods to alleviate the issue, it's essential to comprehend the sheer scale of threats to the financial services sector.
According to one study, the UK finance sector experienced more than 300,000 security breaches in 2022, making it the country’s second most breached industry. The Bank of England’s Systemic Risk Survey for the first half of 2023 also found that 75 percent of financial institutions cited cyber attacks as a source of risk to their organizations.
For any affected organization, the aftermath of a breach can be profound. The average cost of a breach in the UK now stands at £3.4 million, a slight decrease from the 2022 average of £3.8 million but still a potentially devastating amount. This is especially significant when considering the potential reputational damage, particularly if customer records are compromised.
Given these implications, how can the financial sector effectively address the challenges of the cybersecurity skills shortage and high turnover rates?
Embracing security automation amid hiring challenges
The obvious answer would seem to be to increase the number of cybersecurity staff, but as I’ve demonstrated above, that’s incredibly challenging. There is also the law of diminishing returns at play. A team of 100 cybersecurity pros at an organization is not exactly ten times as effective as a team of ten due to scaling issues, communication hurdles, and difficulty effectively and efficiently dividing the workload. Attracting and, critically, retaining the right talent is essential for the smooth operation of a security program. One part of accomplishing this is ensuring existing security teams feel empowered with the right technology to keep up with threats.
Enter low-code security automation. This technology represents a paradigm shift, freeing up security analysts from the drudgery of mundane tasks and low-hanging fruit that distract them from addressing urgent alerts. It gives organizations the ability to scale their implementation based on the team’s existing experience and with less reliance on coding skills.
Some security teams turn to no-code tools to address these challenges. While these tools appear attractive because of their ease-of-use, they often lack the flexibility and functionality required to respond quickly and effectively to today’s complex threats. That is because they are limited to specific use cases and have minimal customization options, mainly due to the absence of inputs for user-sourced coding. These products often attract smaller security teams due to their affordability and ready-to-use templates.
On the other end of the scale, legacy Security Orchestration, Automation and Response (SOAR) solutions can be burdensome due to their required extensive scripting and development resources That, in turn, makes it much more difficult to achieve one of the primary goals of security automation: to give security teams back the time they need to focus on high-priority alerts.
Low-code security automation offers a solution that is approachable enough for those without coding experience and sophisticated enough to satisfy the most demanding security operations teams. These low-code solutions address alerts faster to help overcome process fatigue and talent shortages while also helping organizations quantify the solution's business value in a UX-friendly, visual way that is easy to communicate to executives and the board of directors.
The adaptability of low code automation also means that organizations can easily harness these tools to address some of the unique security challenges faced by financial services companies. It can be implemented across security operations, network and cloud operations, compliance and risk, threat management, and incident response.
Ultimately, with the number and severity of cyberattacks increasing, the financial sector cannot afford to wait for the cybersecurity skills gap to narrow. Doing so will only result in overlooked alerts, lack of data analysis and staff turnover becoming an even bigger problem.
Instead, these organizations should embrace low-code security automation to help safeguard against threats more efficiently, and with the power to build custom solutions that reflect the organizations’ business practices.
Nick Tausek is Lead Security Automation Architect, Swimlane.