Surviving the Cybersecurity Skills Shortage

Yash Prakash

Yash Prakash

High-profile hacking and ransomware incidents targeting enterprises are on the rise. To make matters worse, there’s a massive cybersecurity skills shortage to defend against these threats. The combined increase in cyber threats and a growing skills gap has left organizations in a tough position coming out of 2020. 

This trend is not exactly a new phenomenon. A critical need for information security professionals has existed for years — but COVID-19 has only increased demand. According to (ISC)2, 64% of businesses face an infosec skills shortage, with a 3.1M gap worldwide in desired positions. 

If your security team is feeling the pressure from the cybersecurity workforce shortage, don’t lose hope just yet. There are ways your organization can meet these challenges head-on by leaning into remote work, automation, and the right technology. The best security strategy will include a combination of experienced people and innovative solutions to bridge the skills gap. 

What’s Driving the Cybersecurity Workforce Shortage?

The increased demand for skilled security personnel accelerated with the rise in cloud migration and the expanded adoption of SaaS applications by businesses. Cloud adoption was on the rise pre-COVID. But this trend dramatically increased as the pandemic hit. As a result, enterprises are now seven years ahead of schedule on their digital transformation initiatives, according to McKinsey’s recent COVID-19 survey.

The traditional network perimeter model, which relies on the firewall, doesn’t adequately address the challenges of hybrid or cloud IT ecosystems. Existing solutions lack the breadth of oversight to address ever-expanding DevOps pipelines and SaaS adoption. A recent cloud security report indicates 82% of respondents said their traditional security solutions either don’t work or only provide limited functions in cloud environments. 

Expanded PaaS, IaaS, & SaaS Adoption

The increased adoption of Platform-as-a-Service (PaaS), Infrastructure-as-a-Service (IaaS), and Software-as-a-Service (SaaS) coupled with the shared responsibility model place a portion of the cloud security liability on the customer. Securing user access and sensitive data is vital as misconfigurations, failure to encrypt, and rogue accounts can result in data exposure. 

Risk is higher on IaaS services with the inclusion of additional management tasks like securing operating systems and network traffic. When cloud environments expand, their user base and data management also grow rapidly, increasing the security administration required to keep them secure.

Cloud customers and providers share responsibility for cloud security as shown in this chart from the Center for Internet Security.

Remote Work Brings New Vulnerabilities

The pandemic required companies to adopt remote work overnight and introduced new security vulnerabilities. Without physical co-location, there are various authentication factors that can no longer be assumed. Meanwhile, workers and workdays are now spread across time zones. As the 8-to-5 schedule morphed to fit workers’ irregular, at-home routines, information security teams have struggled to keep up with monitoring. 

The last year has also been full of career transitions. As workers change positions, get laid off, or vendor contracts end, access permissions must also be revisited – further complicating the IAM/IGA lifecycle. Managing remote security, access, and permissions in the cloud remains a challenge for most organizations — VPNs are no longer sufficient to fully secure remote workers’ access to the  IT ecosystem. 

The impacts of these changes are too grave to ignore. Gartner predicts that by 2025, 99% of all cloud security failures will be due to customer’s own mistakes. And a recent HelpNet article points out that close to 80% of the companies surveyed experienced a cloud data breach, and 43% reported ten or more. Managing cloud security requires a team of skilled security practitioners and the right technology to stay ahead of threats. 

4 Ways to Fight the Cybersecurity Shortage

1. Embrace Remote Work for the Long Term

The sudden rise in remote work further increased cloud security needs, but it also offers opportunities. With COVID-19, many organizations, including Google, and Twitter are indefinitely working remotely. Companies recognize that hiring from a diverse national — or even global — talent pool offers an opportunity to hire more qualified candidates. 

However, remote work isn’t a temporary stopgap. In fact, your organization may want to consider embracing it for good. A recent Gallup study shows that even after the pandemic, most workers would like to continue working remotely. Highly skilled workers are looking for flexibility, and businesses that embrace remote work have a better chance of attracting top talent. 

Widening your talent pool by offering candidates the flexibility to work from anywhere is one way to overcome the skills shortage and fill high-priority roles within your organization. 

2. Leverage Automation to Minimize Overhead and Free Up Resources

Security automation is another crucial strategy to consider in the face of staff shortages. Using AI/ML (Artificial Intelligence and Machine Learning) to drive decision-making, organizations can automate tasks and processes. Leveraging AI/ML eases the burden on security staff, allowing them more time for higher-impact initiatives. 

One obvious use of AI/ML is to manage the analysis of large volumes of data quickly. Cybersecurity analysts frequently deal with thousands of alerts coming in from a SIEM solution, which need to be reviewed. Manual review requires an extensive staff to assess alerts quickly. The McAfee Cloud Adoption and Risk Report states that organizations can minimize the 100M noise to signal ratio of cloud events and whittle an average of 3.2 billion events down to 31 threats by using automation. 

Saviynt uses AI & ML to determine identity risk and offer smart review/approval.

Automation is vital for efficiently and effectively delivering security, but it also saves time and resources in the realm of identity access management and governance as well. Saviynt’s intelligent identity solutions leverage automation to approve “low risk” and “no risk” access requests — reducing the number of requests approvers must evaluate. Smart reviews also provide contextual identity insights giving approvers the information they need to make faster, smarter decisions.

See how Saviynt uses automation to approve “low risk” and “no risk” access requests.

Automation eases the burden of managing the identity perimeter — and helps organizations meet governance and compliance initiatives. A recent Forrester TEI study shows many additional benefits of using automation in the identity management and governance lifecycle.

Benefits include:

  • Reduced provisioning time throughout the user identity lifecycle
  • Shortened IT resolution time 
  • Faster employee and contractor onboarding
  • Increased flexibility to support the work-from-anywhere IT model 

3. Deploy an Integrated Identity Platform to Eliminate Information Silos 

Companies committed to providing good security tools should also consider a more integrated approach to identity management and access governance. Currently, many security products are point solutions that remain disconnected from one another. Each tool only provides a partial view of the overall environment. This myopic viewpoint limits the usefulness of the data because it lacks context, which can be provided by information from other tools. 

For example, User Entity Behavior Analytics (UEBA) tools provide important context that can indicate an identity might be compromised. If your PAM (Privileged Access Management) solution is aware of an identity with questionable behavior, it can limit or block access requests from that identity until it’s investigated. Consider solutions with APIs that allow systems to exchange information freely with one another. This allows admins and end-users to derive deeper insights and increase visibility into the threat landscape.

By deploying products with a more open approach, security solutions become more potent than the sum of their parts. Sharing information allows the various tools to provide more in-depth contextual details. For example, the Saviynt Identity Risk Exchange works with these open-designed products and powers AI/ML automation. It consumes and exchanges data with cloud monitoring services to provide insights targeted to the organization’s environment. The detection of new risks such as data assets, applications, servers, and shadow IT offers insights tailored to the organization – eliminating blindspots so admins can better manage risks. Meanwhile, targeted platform alerts help companies stay ahead of attackers and improve their security posture.

Another advantage of an integrated platform is the centralization of management. Saviynt’s cloud-based platform unifies identity governance and administration (IGA), application access governance (AAG), and privileged access management (PAM) into one intelligent solution. This breaks down business silos and facilitates collaboration between teams. 

Saviynt 2020 Control Center provides continuous risk management visibility in a single location.

Centralized management also allows teams to cross-train and create a skills overlap. Instead of having SOC specialists or identity specialists, centralized interfaces help security experts develop skills that span the disciplines. Integrated platforms that provide a single-pane-of-glass interface help simplify workflows, reducing the need to manage multiple application dashboards. In turn, this increases efficiency and lightens the load for smaller teams.

4. Adopt Low-Code & No-Code Security Solutions for Faster Deployment 

Traditional security solutions often come with high implementation costs that stem from custom configuration. These solutions frequently require code-based customizations to meet the complex needs of enterprise IT environments. For smaller organizations, this may be a one-time expense, but this can be a reoccurring long-term investment in keeping the solution operational for larger enterprises. Choosing technology that’s easier to implement is another way to counter the cybersecurity skills shortage.

Your team can lower security costs and deploy faster with solutions that leverage no-code or low-code configuration. Using features such as drag-and-drop interfaces, integration templates, and packaged pre-mapped industry controls, security teams can fast-track implementation themselves with fewer development resources. This removes the need for additional dev cycles to plan, set up, and implement changes. 

This is especially true for identity governance and privileged access management software. Forrester’s TEI report on the Saviynt Enterprise Identity Cloud estimates a savings of almost $2 million can be realized over three years by avoiding the coding talent cost required by traditional identity access and governance solutions. 

Forrester estimates you can realize $2 million in savings over three years with low-code and no-code identity access and governance solutions.

Bridge the Cybersecurity Skills Gap

Despite ongoing efforts to increase the pool of skilled information security professionals, the reality is that the cybersecurity skills gap will continue to grow. In many ways, we face an ongoing cybersecurity arms race. Organizations innovate to protect themselves, and bad actors innovate to infiltrate critical systems. 

While organizations cannot control the shifting threat landscape, they can gain an edge through flexible WFA policies, automation tools, and the deployment of integrated solutions. Holistic security includes a combination of experienced people and innovative solutions. By taking an agile approach and investing in the right technology, your organization can close the gap without sacrificing security or compliance.

Schedule a Demo

Ready to see our solution in action?
Sign up for your demo today.

Saviynt named a Gartner® Peer Insights™ Customers’ Choice: IGA Learn More >