Cybersecurity is now in the midst of an unprecedented challenge. While the scale, complexity and financial impact of data breaches and cyber attacks continue to increase, the pool of skilled professionals to fill security roles is dwindling.

According to research in March from the Department for Digital, Culture, Media and Sport, approximately 653,000 (48%) businesses have a basic skills gap, which means that those in charge of cybersecurity at those organisations lack the confidence to carry out the tasks laid out in the Government-backed Cyber Essentials scheme and do not have external support to do so. 

In practice, this means that almost half of UK businesses are unable to tackle the cybersecurity basics, such as setting up firewalls, storing or transferring personal data and detecting and removing malware. A further 408,000 organisations have “more advanced skills gaps”, covering areas such as penetration testing and security architecture.

Being unable to recruit skilled talent is simply exacerbating this problem, with employers identifying 35% of their security vacancies in the last three years as “hard to fill”.

Security teams are now being tasked with greater responsibility than ever, including getting entire workforces mobilised to work from home efficiently and securely, while battling a changing threat landscape. In light of the challenges they face today, it is more important than ever to take an intelligent, cloud-native approach to endpoint security.

We spoke to Adam Philpott, EMEA president at McAfee, about ways of managing the skills gap without compromising on security…

What can be done to tackle the skills gap issue in cybersecurity?

“To tackle such a complex issue requires both “top-of-the-funnel” intervention and investment from government organisations, but also collaboration across the cybersecurity industry and concrete measures from companies themselves.

“We can try to bring talent in further down the line, for example training employees later in their careers, but ensuring we have more talent available in the first place is essential. That is why nationwide investments in training in the technology sector, such as the establishment of a new UK Cyber Security Council to provide a framework for cybersecurity qualifications, are crucial and instrumental to closing the widening skill gap.

“However, there’s much that individual businesses can do to tackle the issue at their level, including implementing initiatives (whether it’s in collaboration with others in the industry or on their own) to promote greater diversity and attract more talent. For example, at McAfee we are targeting talent from outside of IT and security for many roles – an approach that requires thoughtful support mechanisms for onboarding and ongoing development.”

How much of an impact is a lack of diversity having on the wider skills gap, and how can it be combatted?

“A lack of diversity in recruitment processes, often coming through unconscious bias, means that businesses are missing out on large parts of the talent spectrum. This leads to slower progress in tackling the technical skills gap currently facing the industry.

“Building diverse teams should be a no-brainer for businesses, as doing so has clear benefits – from boosting creativity to achieving greater financial success. Companies in the top quartile for gender diversity are 15% more likely to have financial returns above their respective national industry medians, as well as benefitting from a wider bank of perspectives and expertise to draw on. Above all, diversity in the workforce is attractive to new talent and leads to better problem solving as well as improved service for customers of all backgrounds and perspectives.

“When working to combat the skills gap, companies should aim to weave diversity into every single process, programme and initiative. In practice, this means constantly thinking about different ways to access a more diverse talent pool, such as implementing flexible working practices. Alongside this, it’s important that companies are addressing the problem in the recruitment and interview processes, to ensure that hiring is as fair as possible. For instance, if an organisation is looking to recruit a better balance of men and women, it could change the wording in job adverts to make them more gender neutral or ensure that there is at least one woman on every interview panel making a recruitment decision on a candidate.”

How can organisations ease the burden on stretched IT teams without compromising on security?

“The average IT department manages thousands of endpoints, from desktops to IoT devices and everything in-between. Unfortunately, many security solutions simply dump too much information on stretched security teams and rely on senior analysts to investigate threats. When the skills gap issue is factored in, this can lead to serious holes in an organisation’s security posture.

“During the last few months of Covid-19 and the shift towards remote working, many businesses have been forced to accelerate a process of digitization, which in turn gives rise to two dimensions of complexity. Firstly, the infrastructure complexity that comes with more devices being connected and more cloud services being consumed. All of this needs protecting within the security OpEx envelope.

Secondly, there’s the security complexity, where a fragmented (or “best of breed”) solution weakens an organisation’s overall security posture. Both of these complexities put an undue burden on talent, exacerbating the ongoing skills gap issue.

“Some businesses look to outsource their threat detection and analysis, but in essence this only shifts the need for experts from one business to another. Rather than take this approach, organisations need to invest in the right cloud-native tools that identify and contain threats, but also help to upskill more junior staff and lighten the load for employees.

“Integrated solutions monitor and collect activity data from endpoints that could point to a threat, providing the visibility and context needed for security personnel to act. By analysing the data to identify threat patterns, its AI-driven response capabilities can automatically remove or contain threats and notify analysts, while the forensics and analytics tools hunt for identified threats and suspicious activities.

“Automation plays a key role here, handling a high volume of low intellect threats, which frees staff up to focus on higher-value work. By trusting in automated investigation, organisations can reduce alert noise and set up processes which enable staff to do more with less. This is vital for the business to maintain a consistently strong security posture, while allowing human personnel to focus on tasks that do more than just keep the lights on.”