Should risk analytics bridge the cybersecurity talent gap?
That we as a field suffer from a talent gap is undisputed. According to a recent report from Dark Reading, by 2021 there will be three and a half million unfilled cybersecurity jobs—representing a 250% increase over five years. What’s worse, hackers and other threat actors aren’t suffering the same personnel problem—if anything, their numbers are swelling.
Plenty of information security experts have proposed different solutions to the cybersecurity talent gap:
- Improving the public perception of cybersecurity jobs.
- Reducing burnout among current employees.
- Taking the steps to fix the gender gap in cybersecurity.
- Improving compensation or reducing stress in cybersecurity positions.
- Deploying blockchain (which has an aura of panacea in the digital age).
Together, these disparate potential solutions form a blueprint to fixing the cybersecurity talent gap. However, after our conversation with Jerry Skurla, CMO of cyber risk analytics and UEBA solution provider Bay Dynamics, we’ve begun to wonder: can risk analytics actually reduce the number of cybersecurity employees an enterprise needs? Can UEBA relieve the burden on IT security teams to the point of not needing more talent on hand to handle potential threats?
While these are divisive questions, they are worth exploring as it highlights the continuing tension in cybersecurity between technology and human talent an which can be relied on for better security.
The Human Factor: Virtue or Vulnerability?
Common sense, creativity, collaboration, and clear(er) communication—humanity still offers qualities not even the most sophisticated program can even hope to match, all of which are vital to cybersecurity. Furthermore, humans are better at finding workarounds, loopholes, and the means for greater efficiency than almost anything else. But is that part of the problem?
The great contradiction in cybersecurity is that efficiency and security are often at odds with one another. Employees are trained to find efficiencies, to favor speed and profit, which means they often neglect cybersecurity best practices or make mistakes that create security vulnerabilities.
Humans are your biggest attack vector—just look at the statistics surrounding phishing—and this can apply both to your normal employees and your IT security teams. IT security teams still have to rely on human guesswork sometimes in processing alerts and can be overwhelmed by manual analysis demands. They can lose track of potential threats in the deluge of data created every day by the modern IT environment or in the movement of data throughout the cloud or network.
This isn’t to disparage the hard work or the talents of your IT security team or of cybersecurity professionals in general—they work in a complex and vital field and do amazing work. However, the harsh truth is that security teams are only human and they can make mistakes which can, in turn, be costly.
So the question is: what can technology do that humans can’t?
Risk Analytics and UEBA: More than Human?
According to Jerry Skurla, more than 80% of security alerts are false positives—everyday activities and events that look suspicious for a variety of reasons. In a manual, human-centered operation, becoming overwhelmed is the norm given the volume of threats. This adds to the stress, compounding the number of tasks the team needs, and thus inflating the need for more staff.
The virtue of risk analytics is that it automates the processes, utilizing your extensive databases and the baseline behaviors of enterprise users via UEBA. Theoretically, risk analytics can learn your enterprise’s IT environment and handle the majority of security alerts. Your IT security team would be thus freed to work on preemptive security measures, evaluate your cybersecurity protocols, and proactively threat hunt.
In theory, you could also reduce the security alerts via risk analytics to bridge the cybersecurity talent gap in your enterprise: by reducing the grunt work your team faces, you reduce the need for human talent on hand on a given day. You could possibly hold off on a hiring decision or on expanding the team—or at least evaluate how much staff you actually need before making these choices.
Can It Bridge the Cybersecurity Talent Gap?
The problem is that risk analytics and UEBA don’t operate in a vacuum. They require inputs, monitoring, and update to function optimally. Thus you will need human intelligence on hand to keep on eye on these processes and evaluate their efficiency. You can’t completely go digital in your cybersecurity: you need a combination of human and technology, solution and security team.
Can UEBA and risk analytics truly bridge the cybersecurity talent gap in your enterprise? It’s theoretically possible—certainly, it can reduce the workload on your team and perhaps curtail the need for immediate team expansion. You should coordinate your evaluations with your IT security team leaders to determine whether technology can serve the role of human actor…or supplant them.
Latest posts by Ben Canner (see all)
- AI in SIEM: The Benefits for Enterprises of All Sizes - September 19, 2019
- The 10 Key Enterprise SIEM Blogs of 2019 - September 17, 2019
- The 5 Key Lessons for Enterprise SIEM in 2019 - September 12, 2019