I’ve written a lot about the cybersecurity skills shortage over the past five years. For example, ESG research indicates that 45 percent of organizations claim to have a problematic shortage of cybersecurity skills.

To me, the cybersecurity skills shortage represents an existential problem. If you don’t have enough people or the right skills, it really doesn’t matter what types of security controls you have in place because you simply won’t be able to keep up with changing threats and day-to-day workloads.

Cybersecurity skills are especially important when it comes to security analytics and operations. It takes highly experienced professionals to investigate security incidents, synthesize threat intelligence, or perform proactive hunting exercises.

Unfortunately, this skill set is particularly lacking. In a recently published ESG research report, Cybersecurity Analytics and Operations in Transition, 412 cybersecurity and IT professionals were asked about the size and skill set of their organization’s cybersecurity team. As it turns out, 54 percent of survey respondents said the skill level for cybersecurity analytics and operations was inappropriate for an organization of their size, and 57 percent said the staff size for cybersecurity analytics and operations was inappropriate for an organization of their size.

What makes this data more frightening is that many organizations remain understaffed AND lack advanced cybersecurity skill sets—a double-whammy that surely makes them extremely vulnerable to attack.

The research also exposed some areas of acute cybersecurity analytics and operations weaknesses. The top weaknesses cited included:

Proactive threat hunting. This isn’t surprising, as threat hunting is an advanced skill set. That said, however, it is also a best practice within organizations that have established a cybersecurity center of excellence. Effective threat hunting helps organizations stay ahead of threats with the right security controls and establishes the right knowledge for continuous security monitoring. Those organizations lacking the right skills for threat hunting can only hope to spot suspicious activities AFTER a system has already been compromised.

Assessing and prioritizing security alerts. ESG Research indicates that many firms are buried by the volume of security alerts, so identifying and prioritizing alerts is a mission-critical process. If your organization struggles here, you will likely miss something (or many things) and suffer the consequences.

Computer forensics. This, too, is an advanced skill set. Computer forensic weaknesses will make it difficult to discover the nuances of network penetration or system compromises. If you are unaware of these specific details, there’s no way you can protect your organization against similar attacks.

Tracking the lifecycle of security incidents. This is likely related to collective skills, processes and tools deficiencies. For example, IT trouble ticketing systems often lack the functionality necessary for tracking malware or performing forensic investigations. When security incidents are discovered, security teams can’t always track the remediation progress of IT ops. In some cases, security and IT operations teams simply don’t work well together. Without sound incident lifecycle tracking, it’s simply impossible to monitor, measure and adjust cybersecurity performance.

When you don’t have enough people or the right skill sets, you tend to overwhelm the existing staff—and this, too, causes problems. In a 2016 research report from ESG and the Information Systems Security Association (ISSA), 32 percent of respondents said the cybersecurity skills shortage led to high attrition and turnover within the cybersecurity staff, while 25 percent reported high “burn out” rates within the cybersecurity staff. An unhappy staff is likely an unproductive staff.

The global cybersecurity skills shortage simply prohibits CISOs from hiring their way out of these issues. So, what CAN be done? More on possible solutions soon. In the meantime, see you at Black Hat!