As part of Solutions Review’s Premium Content Series—a collection of contributed columns written by industry experts in maturing software categories— Deepak Mohan of Veritas lays out three tips for CIOs to close the cyber skills gap through an all-hands approach and automation.
As the threat of ransomware increases, so does the number of additional professionals that organizations need to defend their data. Yet cybersecurity professionals may be reaching a breaking point as the cyber skills gap widens. On top of a 2.72 million person gap today, Forrester predicts that one in ten experienced security professionals will have exited the industry in 2022. What’s worse, forecasts show that one-third of cybersecurity professionals are considering leaving their roles over the next two years due to stress and burnout, causing the gap to grow.
The cybersecurity skills shortage is causing current IT administrators to feel overworked and underappreciated, threatening employee retention and furthering the talent gap. With an increase in cyber threats combined with a shortage in talent, organizations must look to better their data management and protection strategies to help fill in the void and avoid further risk.
As volatility in the tech workforce continues, here are three recommendations that enterprise CIOs must consider to take control of their data across multi-cloud environments, support their IT administrators and protect their organizations.
3 Tips to Closing the Cyber Skills Gap
Allocate Necessary Budget Towards Cyber Resiliency from the Start
Amidst today’s gap in IT talent, senior IT decision-makers say they would need to spend an extra $2.47 million (USD) and hire 27 full-time IT employees to address growing cyber vulnerabilities. What’s more, as the amount of data continues to grow year over year, so does the cost of storing it in the cloud. According to recent research, 94 percent of organizations are overspending on the cloud and are going over their allocated cloud budgets by an average of 43 percent.
Findings also suggest that the overspend is partly caused because respondents did not understand that cloud service providers (CSPs) are primarily responsible for the cloud’s resilience, not the customer’s data and applications. As a result, just over half reportedly lost data because they relied on backup tools provided by their CSPs, and 40 percent cited backup and recovery as the leading area of overspending.
While the cloud provides big benefits for organizations, such as flexibility and mobility, there is clearly a need for a better understanding of what purchasers are actually buying from their CSPs. To avoid data loss and unplanned project overspending in the future, it is critical that CIOs factor in data protection from the start to take back control of their data in the cloud. To better support their cyber resiliency and data protection programs, CIOs must allocate a higher percentage of the budget towards tools, training, and additional personnel when addressing the growing cyber skills gap.
Stage Consistent Cyber-Attack Drills
CIOs must ensure their IT organization is staging regular drills to simulate and plan for potential scenarios involving cyber-attacks, especially ransomware. It’s vital to periodically test backup and recovery strategies and rehearse the team’s ransomware attack response. Not only will this practice help shorten threat response times and minimize the impact of an attack, but the enhanced visibility will help data managers identify problem areas to resolve and improve ahead of time.
An organization’s resiliency plan is only as good as its last test, so rehearsing and constantly revising a resiliency strategy is critical. Regular rehearsals will also help IT administrators feel confident in their ability to recover their applications and data, no matter where they reside– both on-premises and in the cloud. With a clear understanding of their roles and assignments, IT administrators will feel confident in their ability to recover from a true cyber incident.
Lean into Artificial Intelligence and Machine Learning
Lastly, CIOs must implement autonomous data management solutions to ease the burden of IT administrators’ long lists of to-dos. Artificial intelligence (AI) and machine learning (ML) will play a major part in the next phase for the industry, delivering data management solutions that automatically find and protect data – no matter where it lives – to increase efficiency and reduce complexity. By harnessing AI, ML and hyper-automation, enterprises can help eliminate the manual steps of data protection and management, freeing up time for IT staff to focus on strategic activities, such as upskilling and training programs.
For example, enterprises can implement backup software that automatically backs up data from specific stores after every pre-defined time period or when other triggers occur – a task that would otherwise require manual efforts from IT staff. Additionally, automation can play a critical role in detecting occurrences of ransomware in today’s ever-evolving threat landscape. Ransomware happens so fast that it can encrypt 54 gigabytes of data in just under 43 minutes, but AI-driven anomaly detection can help protect against this threat by helping IT administrators identify any unusual or out-of-the-ordinary activity before an attack occurs.
In the not-so-distant future, autonomous solutions will also be able to automatically identify workloads and assign the ideal protection policy defined by a set of parameters that match the observed usage of a company’s data – all without human involvement. As AI-driven technology evolves over the next several years to deliver data management services that self-heal, self-provision, and self-optimize, IT administrators will be free to focus their efforts on more transformational activity.
The Time is Now
Decision makers are now realizing the urgency with which they must address the cyber skills gap. It’s anticipated that closing all of the gaps in an enterprise’s cyber resiliency strategy will take an average of two years, so CIOs must start addressing the cyber skills gap now by allocating adequate budget up front, preparing and upskilling their current cyber workforce and implementing autonomous solutions to support their employees and protect their organizations adequately.