March 28, 2017

The Security Skills Shortage Scramble

Categories: Blog, From The Front Lines

That title makes me think about breakfast, the most important meal of the day according to Moms everywhere. But that’s not what this post is about, and in fact, today’s cybersecurity professionals often can’t find the time to eat.


According to a heat map, about one-third of all cybersecurity positions remain unfilled in the U.S. The most conservative estimates put that at more than 200,000 jobs in the U.S. alone – and other estimates from various sources (including Cisco) put the shortfall as high as one million worldwide.


Organizations also face a revolving door of high staff turnover, often caused by burnout from the constant, reactionary scramble to deal with threats – and the promise of doing something more strategic somewhere else.  It’s hard to find new staff. According to the analyst firm Enterprise Strategy Group, 83 percent of enterprises say it’s either “extremely difficult” or “somewhat difficult” to find and hire security professionals, and even if you do find them, it takes time to get them up to speed.



We’re starting to make progress on the supply problem. There are training programs, reworked curriculums at colleges designed to bring a cybersecurity focus to computer science degrees, an increase in co-ops and internships in the security space, and a variety of post-graduate security certification programs.


But on its own, an increased supply of skilled resources is not going to solve the problems caused by the shortage. In addition to increasing the size of the trained security workforce, the industry needs to maximize the effectiveness of those resources.


Given a finite number of security resources, here’s a look at three areas where security organizations can focus on minimizing the scramble associated with the shortfall:


#1 - Automation - The majority of open cybersecurity jobs today (230,000+) are for what Cyberseek calls “operation and maintenance” of systems. A fact of life within security O&M is the constant evolution of both the vast enterprise infrastructure and the security technology stacks encompassing dozens of technologies.


Because the security stack needs to evolve with the enterprise to stay effective, it’s an area that can see massive benefits from the application of automation to security processes and tools, which will reduce the drag on your limited O&M resources. Look for platforms and tools that can automate a major piece of O&M - validation that your security stack is functioning effectively.


#2 - Preparation - From an external perspective, there is a constant evolution of the threat landscape that makes it very difficult for defensive security operations teams to stay proactive. Many security teams actually allocate time for those instances where they know they will need to scramble and be reactionary. Imagine if we could get a good portion of that reactionary time back.


The most successful security operations teams develop techniques and leverage products that identify gaps in their security infrastructure before incidents, allowing them to become proactive, and minimize the amount of time they spend in firefighting mode.  


There are only so many hours in a day, and if you can minimize the amount of time your limited security resources spend operating in a reactionary fashion, you’ll compound the effectiveness of the entire team.


#3 - Prioritization - Automation and preparation that maximize the effectiveness of your security staff create a more human-friendly environment. Saving these valuable team members time frees them up to tackle the more meaningful work – the kind of interesting security projects that are inherently rewarding to them in their chosen field. A work environment with less scramble can keep the pros on your team and make them less interested in promises of greener pastures elsewhere.


When you proactively identify gaps in your infrastructure, you can more effectively quantify the risks to your enterprise environment and more effectively prioritize the security projects you fund and tackle next.  


And when you combine that prioritized security roadmap with an engaged security workforce that gets excited about tackling high impact problems, you’re going to see less turnover, you’ll get more value out of that limited team, and everyone will have more time for breakfast.


Visit to learn more about how our solutions can help you focus on automation, preparation, and prioritization to get maximum value from your security resources.

About the Author

Brent Midwood is AttackIQ's Director of Product Management. Brent leads the Product Team and utilizes over 15 years of security experience to define and drive the product strategy at AttackIQ, delivering value to our customers by enabling them to enhance their security posture.