Reality slap: Cyberattacks aren’t going anywhere. Adversaries are only getting better, faster and more sophisticated. While next-generation solutions allow both private and public sector entities to make strides in identifying and responding to threats in real-time, we cannot forget that behind every attack, there is a human adversary who is adept at modifying their tactics, techniques and procedures (TTPs) in response to the defensive technical controls they encounter. This reality stresses our need to maintain a wealth of threat intelligence and to understand the masterminds behind these attacks, to solve for future threats.
Defending against cyberattacks requires effective, dedicated and capable security professionals. But federal agencies and other public sector organizations continue to face increased pressure to recruit, train and retain security professionals who have the necessary skills and expertise to protect their systems against threats.
The latest estimate predicts there will be 3.5 million unfilled cybersecurity jobs by 2021. This presents both an opportunity and a need for the public and private sectors to work together to formulate strategies that will up-skill and develop new talent as well as manage the talent gap where it manifests.
Fostering a vibrant cybersecurity environment
Government entities are acting on initiatives to grow the talent pool by taking steps to improve public sector cybersecurity training opportunities and explore new ways to attract and retain talent. For example, a new executive order seeks to improve the U.S. government’s cybersecurity capability and outlines a roadmap for agencies to ensure there are adequate education and training systems in place that will unlock new talent.
The existence and success of these programs pave the way for upcoming talent to become more specialized. They also help agencies to build and develop the skills necessary to fill open roles and bring us closer to bridging this talent gap. While these solutions are essential to safeguarding the cybersecurity talent pool of the future, it’ll be years before they start to come to fruition, meaning the time for government agencies to act is now.
The future of cybersecurity talent
Managing the talent gap is a big undertaking for any enterprise, but for many agencies there are added complications due to the government’s aging infrastructure and commitment to legacy tools. In order to successfully attract prospective infosec professionals, cyber operators must feel sufficiently equipped to perform the functions of their role. New hires don’t want to start off knowing they will have to fight battles with yesterday’s tools. Challenges are fine. In fact, they are typically welcomed, but one must feel confident that they can be successful in this fight. And, with legacy security systems generating a huge volume of alerts, teams are often left without the necessary tools and talent to manage the many time-sensitive incidents, leaving them in a state of constant panic and uncertainty.
CISOs must be armed with a holistic strategy that involves technology, processes and people. They must have full line of sight into their networks and be able to prioritize cyber incidents by severity and criticality to the organization. Agencies are looking to acquire comprehensive and integrated security solutions, rather than individual tools offering limited capabilities which solve a singular use case. These modern, more transformative strategies offer more visibility into the way attacks occur, provide insight into how organizations become a target, and seamlessly allow the defender to respond effectively in real-time.
Automation has become increasingly crucial to reducing the pressure placed on security teams. Beyond this, the emergence of artificial intelligence and machine learning helps teams better understand the critical nature of threats and the risk they pose to determine whether an alert is worth responding to and to help identify unknown threats.
Budget and resourcing requirements are two factors that can help government teams determine whether they can adequately manage the constant barrage of threats they are facing, or whether it is a better decision to work with private sector experts to help deploy a more tailored security strategy, or even to consider whether any of their strategy should be outsourced. There is an increased demand for threat hunting, and in-house shortages can make this a daunting task when the technical expertise isn’t resident in the existing team.
The relatively new discipline of threat hunting opens opportunities for cybersecurity professionals to be proactive and hunt down adversaries, delivering instant maturity to an agency’s security operations. While this is a straightforward exercise, it can be challenging to balance internal resourcing to make this the priority it should be. Effective threat hunters come with years of experience, often bearing the battle scars from regular engagements with their adversaries.
Threat hunting is a strong, cost-effective solution to this talent gap, allowing agencies to combat today’s prolific and most sophisticated adversaries without having to make difficult tradeoff decisions with their human resources.
Closing the talent gap
The importance of closing the cybersecurity talent gap and the challenges this presents are clear to private sector businesses and are increasingly acknowledged by government and public sector entities. The constant barrage of nation-state attacks and the uptick in ransomware targeting are a constant reminder for cyber teams to reassess and revamp their security strategies, considering both the long and short-term implications of their approach and how it could impact their potential to protect and safeguard their - and the country’s - future.
James Yeager is the vice president for public sector and healthcare at CrowdStrike