Automating the cyber-skills gap  

John Moran at Tufin explains why businesses must lean heavily on automation to mitigate the shortage of skilled cyber-security professionals

 

It is no secret that the global cyber-security industry is suffering from an acute shortage of talented professionals. Demand for skilled individuals has climbed substantially as cyber-attacks reach record highs and firms grapple with more complex IT environments which in turn create extended attack surfaces.

 

The number of unfilled cyber-security jobs worldwide grew 350% between 2013 and 2021, from 1 million to 3.5 million. Industry researchers also predict that the same number of jobs will remain open in five years. 

 

Recognising that it may not be possible to add additional headcount, how can enterprises increase their resilience against the ever-growing threats of cyber-attacks? Automation is a key part of the answer.

 

The challenges driving the need for automation

The cyber-landscape has drastically changed in the last few years. In addition to the ongoing skills shortage, there are many internal and external challenges preventing enterprises from getting an edge on the threat actors. As businesses grow and look towards digital transformation, their networks are expanding across cloud and SaaS environments.  

 

Furthermore, the shift to a remote workforce means that more personal, and often unmonitored, devices are being connected to the enterprise network.

 

Without enough skilled eyes to monitor this expanding network landscape, threats are bound fall through the cracks undetected. To compound these challenges, cyber-attacks are also evolving. Threat actors are now executing combined ransomware and extortion campaigns, allowing them to exploit a single organisation in multiple ways. 

 

Phishing attacks have become more advanced, with attackers using sophisticated toolkits and well-crafted content which is extremely difficult for the end-user to identify.  The increase in commercialisation of malware, such as the ‘Ransomware-s-a-Service’ (RaaS) model, means even unskilled criminals can access powerful attack tools as easily as a legitimate business can sign up for a SaaS (Software-as-a-Service) solution.

 

These factors are compounding the challenges involved in maintaining visibility and access control across a large enterprise network. With so many assets distributed across technologies and geographies, security teams often struggle to manage security policies in a holistic manner. Manually managing configurations across different firewalls, NGFWs, routers, switches, SDN and hybrid cloud resources can easily become an overwhelming task.

 

Responding efficiently and effectively to a potential security incident or vulnerability detection across this hybrid estate is also becoming increasingly challenging.  Security teams often find that the information required to make accurate risk decisions is distributed across many locations and is likely out of date. 

 

The information available to security teams is often raw, with little context, and requires time consuming manual correlation before it can be used to inform any decisions.

 

Boosting cyber-resilience through automation

Security automation can help security teams enforce compliance, reduce the attack surface, and rapidly respond to potential security incidents. It arms security teams with the context required to respond immediately when risks and threats are identified. 

 

More specifically, incorporating security policy automation can help organisations lessen the burden of mundane management tasks, allowing their security team to focus on the more complex tasks with a greater impact on risk reduction.

 

Without an automated management layer sitting above the entire hybrid, implementing network changes and ensuring compliance manually can be a cumbersome process, leading to increased errors and additional risk. For organisations striving to improve agility while maintaining security and compliance, this manual approach is simply not acceptable.

 

Security policy automation solutions provide a broad set of automated processes for network visibility, continuous compliance management, and security policy design and provisioning. This provides a consolidated view of the entire hybrid network, enabling enterprises to move with greater agility while maintaining the ability to accurately measure and address risk.  

 

Automated workflows perform automatic vulnerability and compliance assessments before any proposed change is made, immediately alerting administrators to potential violations or risk.  Once approved, changes can be automatically designed, provisioned, and verified with low or no manual input required.

 

Our customers have found that replacing manual tasks across fragmented systems, with a trusted automated process from a central management solution can increase productivity by 70% on average.

 

As the skills shortage is likely to remain for the foreseeable future, automation could be the key to maximising business agility and security in today’s advanced and extended threat landscape.

 

---

 

John Moran is Technical Director and Business Development at Tufin

 

Main image courtesy of iStockPhoto.com