The ability to detect and respond to threats is greatly impeded by a lack of cybersecurity skills and staff. Leading organizations offer a few suggestions. Credit: Thinkstock If you’ve followed my writing, you know that I passionately broadcast issues related to the global cybersecurity skills shortage. Allow me to report some sad news — things aren’t improving at all. In 2016, 46% of organizations reported a problematic shortage of cybersecurity skills. In 2017, the research is statistically the same as last year: 45% of organizations say they have a problematic shortage of cybersecurity skills.These numbers point to an overall dearth of talent, but the cybersecurity skills shortage is especially pronounced in cybersecurity analytics and operations. For example:According to 2016 research conducted by ESG and the Information Systems Security Association (ISSA), 33% of respondents said their biggest shortage of cybersecurity skills was in security analysis and investigations. Security analysis and investigations represented the highest shortage of all security skill sets.Recent ESG research reveals that 54% of survey respondents believe their cybersecurity analytics and operations skill levels are inappropriate, while 57% of survey respondents believe their cybersecurity analytics and operations staff size is inappropriate. The ramifications of skills and staff deficiencies are also apparent in the research. Cybersecurity operations staffs are particularly weak at things such as threat hunting, assessing and prioritizing security alerts, computer forensics, and tracking the lifecycle of security incidents.Of course, many CISOs propose an easy fix — simply hire more cybersecurity staff to bridge the knowledge and staffing gaps. In fact, 81% of the cybersecurity professionals surveyed say their organization plans to add cybersecurity headcount this year. Unfortunately, that isn’t always easy to do. According to the ESG research, 18% of organizations find it extremely difficult to recruit and hire additional staff for cybersecurity analytics and operations jobs, while another 63% find it somewhat difficult to recruit and hire additional staff for cybersecurity analytics and operations.5 ways to address cybersecurity skills shortageGiven the fact that CISOs can’t hire their way out of this mess, what can they do? Here are a few things I see leading organizations undertaking to address the skills shortage: 1. Pushing on automation and orchestration. CISOs are assessing security operations processes, developing formal runbooks, and using technology to help add automation and orchestration to staff sweat and brainpower. Tools from vendors such as IBM (Resilient), Phantom, ServiceNow, Siemplify and Swimlane can be helpful here.2. Kicking the tires on machine learning. Slowly but surely, large organizations are figuring out the right use cases for machine learning technologies that can help them prioritize and investigate true security incidents. Promising vendors include DarkTrace, E8, Exabeam, HP (Niara), IBM (Watson), Palo Alto Networks (LightCyber), Splunk (Caspeda) and Vectra Networks. CISOs should cast a wide net here, however, as there is a lot of innovation happening quickly.+ Related: 4 places to find cybersecurity talent in your own organization +3. Rationalizing, consolidating and integrating security tools. Security operations today is based upon too many tools that don’t talk to each other, adding to security operations overhead. Many CISOs seek to counter this complexity by building an integrated security technology architecture like ESG’s security operations and analytics platform architecture (SOAPA). 4. Seeking help. Rather than struggle, smart CISOs are relying more on professional and managed services. It should be noted that even the most advanced organizations realize they can’t do everything themselves and are looking to service providers to supplement the internal staff.5. Investing in training and cybersecurity staff career development. CISOs who want to recruit and retain the best talent need to make their organization a cybersecurity center of excellence. Key areas for investment include training, mentoring programs and career development counseling. Savvy CISOs will also market their cybersecurity programs aggressively so the word spreads throughout the cybersec diaspora. A few final thoughts: When I consult with CISOs, I tell them they should consider the cybersecurity skills shortage in every decision they make. This advice is especially true when it comes to cybersecurity analytics and operations.I keep saying this, but I’ll say it again: The cybersecurity skills shortage is an existential threat that impacts all of us. As such, national governments need to do more. Related content analysis 5 things security pros want from XDR platforms New research shows that while extended detection and response (XDR) remains a nebulous topic, security pros know what they want from an XDR platform. By Jon Oltsik Jul 07, 2022 3 mins Intrusion Detection Software Incident Response opinion Bye-bye best-of-breed? ESG research finds that organizations are increasingly integrating security technologies and purchasing multi-product security platforms, changing the industry in the process. By Jon Oltsik Jun 14, 2022 4 mins Security Software opinion SOC modernization: 8 key considerations Organizations need SOC transformation for security efficacy and operational efficiency. Technology vendors should come to this year’s RSA Conference with clear messages and plans, not industry hyperbole. By Jon Oltsik Apr 27, 2022 6 mins RSA Conference Security Operations Center opinion 5 ways to improve security hygiene and posture management Security professionals suggest continuous controls validation, process automation, and integrating security and IT technologies. By Jon Oltsik Apr 05, 2022 4 mins Security Practices Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe