What the Skills Shortage Means for Existing Cybersecurity Practitioners

By now, most practitioners have heard (probably from a few different sources) that organizations struggle when it comes to finding, hiring and retaining the right resources for information security and/or cybersecurity professionals. There has been quite a bit written about this trend: the impact that it has on security efforts within enterprise, advice and guidance about how to staff and manage your security team in light of the talent challenges, strategies for working around it, etc. However, there is another potential angle that is comparatively less analyzed: the impact to existing practitioners – both in the short and long term – in light of the shortage.

Understanding this is important for practitioners as preparation now translates directly to continued success down the road. In knowing what we do about the workforce dynamics, we can make sure that we’re optimally positioned when the time comes for us to change jobs and continue to be in demand down the line.

Skills gap characteristics
The first thing to note is that the skills gap has characteristics that can be measured. We know that it exists from numerous research reports and surveys, specifically findings citing the lengths of time required to fill open positions, perceived difficulty in finding qualified candidates and challenges in retaining existing staff. ISACA’s 2018 State of Cybersecurity research was no exception in pointing this out. Findings from previous years of ISACA research, as well as studies from other organizations, suggest that these challenges are persistent.

However, the actual areas of need have been comparatively less thoroughly analyzed, including which positions are most problematic to staff and retain, which skills are in more demand, where the most hiring activity occurs, etc. Much like the skills gap itself can be measured, so, too, can these other characteristics. This year, we attempted to gather more information about these secondary characteristics of the skills gap.

What we learned was that individual contributors are in higher demand than managers. We also learned that there is a higher demand for technical resources, relative to non-technical ones. While that may not be a complete surprise to anyone who has tried to staff a security team, it is an interesting data point because it informs organizational staffing and retention strategies. The report data can also be useful for practitioners – i.e., those on the other end of the staffing equation. Meaning, individuals wishing to position themselves optimally for their future career growth can use this information as part of the “career strategy.”

Career “Future Proofing”
We as practitioners can maximize our competitiveness in the short term and ensure that we continue to be marketable over the long term by taking this information into account. For example, the information indicating that technical resources are harder to find relative to non-technical ones can help motivate us to stand out in the workforce by taking active measures to invest in our personal technical acumen. There are a number of ways to do this, of course, but ensuring that we remain abreast of new technologies, that we diversify the set of technologies with which we are conversant and keeping abreast of new attack methods is a good way to start.

In fact, there are many resources available to ISACA members to assist; for example, our partnership with Wapack Labs can help ensure that members stay abreast of attacker tradecraft; ISACA webinars (particularly those of a technical nature) and publications like the ISACA Journal can keep technical skills honed; and chapter activities can provide opportunities to learn new technical skills. This is potentially advantageous even for those that are more senior in their careers. For example, if a hiring decision came down to two resources – if all other things are equal, but one is more “current” in their technical understanding – who would you hire? See what I mean?

Over the long term, this information about the skills gap is likewise important for practitioners as it can inform their future career planning. Why? Because logic dictates that the dynamics will change over time in a few specific ways. For those with a decade or more before retirement, planning accordingly is valuable.

First, current challenges in obtaining qualified technical staff mean that it is most likely that organizations (and, in fact, the market at large) are likely to innovate toward automation strategies for technical work being done by human analysts today. Will this mean the existing workforce will be left high and dry? Not necessarily …  but it does mean that technical acumen, while useful to help differentiate you among candidates in the short to intermediate term, isn’t a guaranteed way to future-proof your career over the long haul. This in turn means that establishing a diverse set of skills – as well as building a strong professional network – are important in the long term, in addition to building technical skills.

Second, the fact that there is increased demand for individual contributors relative to managers means that (again, thinking long-term), those who desire to move into manager positions should be looking to differentiate themselves as well from a competitive point of view. They might, for example, consider taking on management responsibilities now to give them skills that, down the road, will be important to their overall competitiveness.

As with most things, there’s no “one-size-fits-all” advice – there are as many viable career tracks as there are practitioners themselves. That said, one thing that’s probably universally true is that having a “career plan” that accounts for both near-term and longer-term changes is a good idea. The findings from this research can help accomplish that.

Ed Moyle, Director of Thought Leadership and Research, ISACA

[ISACA Now Blog]

Digital Transformation Gets Easier When Security Just Works

When I ask customers what they like about Palo Alto Networks, their answer is consistent: it just works. They can operate efficiently and prevent successful cyberattacks. Our Security Operating Platform is built for automation – it has to be easy to operate if we’re going to help our customers achieve digital transformation.

You may not recognize the name “Security Operating Platform” because we have recently changed it from “Next-Generation Security Platform.” We feel this new name better reflects its unique value. The components of the platform are integrated, making it easy to operate and automate manual tasks.

In my last blog post, I noted that the hardest part of digital transformation isn’t deciding on vendors or deploying new technologies, but instead getting people to think differently and change how they work. One of the recommendations shared, based on what I’ve been hearing for months now in my time spent with our customers and partners, is that organizations should bring stakeholders together and out of their silos to create cross-functional teams.

Whether we call these teams “agile” or something else, this mode of working requires support from a platform that can automate workflows, meet compliance and provide consistent enforcement across network, cloud and endpoints. If the technology is not designed to support workflow across the environment, it is not going to support these cross-functional teams.

We continue to expand the platform and add automation. A decade ago, we invented the Next-Generation Firewall, enabling organizations to adopt security best practices using app-, user- and content-based policies and applying a Zero Trust approach throughout. We added cloud-based security services for threat detection and prevention in what we call our first evolution. These services use the next-generation firewalls as sensors and for automated enforcement. In our second evolution, we extended the platform to include endpoint and cloud security. The security services integrate with the cloud and endpoint security to share intelligence and automate enforcement.

Now, in our third evolution, we have further extended our automated approach to ecosystem partners. Innovative apps developed by us, by third parties, or by your own teams, can access a security data set that is specific to your environment, as well as access shared threat intelligence. The apps can monitor, detect and report on threats, automate workflows, and meet compliance. As threats evolve, we believe automation and analytics that work across cloud, network and mobile devices are required to detect and stop sophisticated attacks.

We’ll see you at RSA Conference this week and hopefully at our Ignite ’18 Security Conference next month, where we’ll be celebrating disruption and digital transformation. I look forward to hearing from you – come experience our Security Operating Platform for yourself.

[Palo Alto Networks Research Center]

English
Exit mobile version