Do you have confidence that your in-house security personnel has the knowledge, experience and technology to defend against cyberattacks?
If so, there’s a chance you may be fooling yourself.
Consider this: In a 2016 survey that spanned eight countries, the McAfee unit of Intel Security found that 82 percent of the respondents reported a shortage of cybersecurity skills. Even worse, 71 percent said this skills deficit was causing direct and measurable damage to their organizations.
Early in 2017, the industry organization ISACA found that one in four of the companies it surveyed said it could take six months or longer to fill their high-priority cybersecurity and information security positions. Only 59 percent of the surveyed companies said they received at least five applications for each cybersecurity opening, compared to receiving 60-250 applications for most other corporate jobs.
Exacerbating this skills shortage is the constantly evolving cyberthreat landscape.
New forms of threats, such as ransomware, combined with new vectors of attack, including mobile and Internet of Things (IoT) devices, make for a dicey cybersecurity scene. Layer on top of that the massive growth of sensitive corporate data and the critical role of data in today’s business world, and the potential risks and consequences of breaches skyrocket.
82 percent of the respondents reported a shortage of cybersecurity skills
Consider just a few data points contained in an AT&T Cybersecurity Insights report, The CEO’s Guide to Data Security:
Even organizations with fully staffed security operations centers can struggle to keep pace with the growing diversity and volumes of cyberattacks. And, as the skills shortage surveys suggest, fully staffed SOCs are becoming more the exception than the rule.
To be sure, gaps in security skill sets can be offset somewhat by cutting-edge threat detection and response technologies, which increasingly automate tasks that security analysts once had to do manually. Indeed, the volume and diversity of cyberthreats requires such technological solutions, even when companies have extensive in-house talent.
Beyond technological bridges that span skills gaps, many organizations are turning to outside consultants and managed services providers (MSP). Providers of cloud-based security solutions and other MSPs make it a high priority to hire top-level security experts, and can then spread the knowledge and experience of these experts across a wide client base. Last year, an IDG Enterprise study found that 73 percent of the companies surveyed had already adopted at least one cloud-based security component.
... many organizations are turning to outside consultants and managed services providers
Given a future in which the supply of cybersecurity talent will almost certainly continue to fall well short of the demand, companies should prepare to depend increasingly on automated security solutions as well as on third-party expertise and cloud-based services. What companies must guard against – beyond the cyberthreats themselves – is a false sense of security, thinking that their in-house employees can counter every threat they’re likely to face.
Learn more about protecting your business in AT&T Cybersecurity Insights, Volume 6: "Mind the Gap: Cybersecurity’s Big Disconnect."
In this invaluable report, you'll read about the troubling disconnects that have emerged between today's cybersecurity threats and organizations' countermeasures, as well as what you can do to help strengthen your defenses and reduce risk.
Learn how your business can fill the gaps and help strengthen its defenses in this free, interactive report: “Mind the Gap: Cybersecurity’s Big Disconnect.”
Share this with others
READ MORE ARTICLES ON:
Sign up for the AT&T Business newsletter
Your feedback will help us to improve AT&T Business so you continue to have a great experience when visiting us!
This survey is conducted by an independent company ForeSee for AT&T.
Yes, I’ll give feedback!
Please provide the following information to access your document:
* To access your content, please check your browser settings to make sure pop-up windows are allowed.