Recent ESG research points to growing skills gap for enterprise security

As the old cliche goes, “people are the weakest link in the security chain.” This saying is usually pointed at consumers and non-IT employees who exhibit risky on-line behavior and can’t possibly keep up with the latest security threats and defenses. Unfortunately, the “weakest link” metaphor now applies to security professionals as well.

In January of this year, ESG Research asked IT professionals to identify areas in which they had a “problematic shortage” of needed skills — 22% of organizations said they had a problematic shortage of information security skills. This is consistent with a late-2010 report from the Center for Strategic & International Studies (CSIS) titled, “A Human Capital Crisis in Cybersecurity” (http://csis.org/publication/prepublication-a-human-capital-crisis-in-cybersecurity).

Last week, ESG published a new report on Advanced Persistent Threats (APTs) and their impact on security strategy at US-based enterprise organizations. Not surprisingly, sophisticated attacks like APTs are stressing already overtaxed security skills. For example:

1. 21% of organizations rate their ability to detect attacks in progress as “fair” or “poor”
2. 17% of organizations rate their ability to monitor network traffic at all network ingress/egress points as “fair” or “poor”
3. 17% of organizations rate their ability to remediate a compromised system as “fair” or “poor”

The big problem I saw throughout this project was centered on security forensics and analytics. Large organizations are capturing data from a number of sources (i.e. log data, Netflow, CMDBs, packet capture, etc.) through a number of tools and then manually trying to identify the malicious needles in the haystack.
This hasn’t worked for years while the consequences associated with successful attacks grow more and more dire.

We need to get busy with training courses, government grants, and K-12 education on cybersecurity, but these programs will take years before delivering ROI. In the meantime, security vendors need to come up with more scalable, integrated, and intelligent security tools while CISOs think long and hard about offloading security tasks to 3rd party specialists.