Staff scarcity will impact your cyber security resilience

Products

Our cyber security products span from our next gen SIEM used in the most secure government and critical infrastructure environments, to automated cyber risk reporting applications for commercial and government organisations of all sizes.

Essential 8

Essential 8 Auditor

Essential 8 Scorecard

Cyber Resilience

SmartCheck

SIEM

For Enterprise

For MSSPs

For Government

SIEM FEATURES

Operational resilience | Risk Management & Reporting

November 29, 2022

The shortage of skilled personnel in cyber security will continue to challenge organisations for some time to come. In Australia, recent figures confirm a deficit of more than 3000 specialists by 2026. In the UK, a recent study by Russell Reynolds Associates, reported by the consultancy.uk website, highlights that this problem extends beyond the security sector.

When asked what the main threats to their businesses were Directors responded, as the chart below shows, that the availability of talent/skills is the most urgent concern. The only other urgent concerns were the geopolitical and the current economic situation.

Compounding this skills shortage is that apparently cyber security threats are a “notable” concern. So interestingly, with no sign of the current spate of attacks abating, businesses still believe they are prepared for cyber threats. Senior teams at Medibank, American Airlines, Rockstar Games or Uber might question that right now. The list of newsworthy breaches for 2022 isn’t exactly short, and so the confidence displayed in the survey might be somewhat misplaced.

What say security leaders?

What we do know is that cyber security is a labour-intensive business and skills shortages exacerbate the ability to manage risks. A resource shortfall makes it difficult to manage networks, deal with attacks, improve cyber security posture and drive improved resilience. Even operations and activities that should be routine, like patching or threat hunting can be difficult to achieve when resources are tight.

The increased focus on cyber security, from security agencies, 3^rd party providers and even insurers looking for companies to tighten security controls means security teams are under increased pressure.

Reporting cannot be the enemy

Time is of the essence. Greater demands on existing resources will, without greater productivity, mean pressure for increased headcounts. Introducing process efficiencies to some of the more onerous and repetitive security tasks – often the ones that frustrate security teams the most – will assist in closing the gap between skilled resource supply and demand. Every organisation is looking to transform their processes for improved efficiency and performance. And, cyber security is not unique.

Organisations spend hundreds of hours collecting security performance data as part of their internal reporting processes. Collating data into a meaningful security report to guide risk mitigation and inform cyber security oversight can quickly become burdensome. The risk environment is changing fast – with new attacks and exploits – so the more frequent your cyber status reports, the more relevant they’ll be. A scale problem is developing with the need for more regular assessment by too few security specialists. The requirement for increased quality and frequency of reporting is required to meet ongoing governance needs.

Cyber security posture reporting with Attack Surface Management

Tools with high levels of automation already exist to systematically gather and report on configuration and security performance. See Huntsman Security’s Essential 8 Auditor and SmartCheck solutions as examples.

The problem these solutions solve is a simple one. Providing an evidence-based answer to the question:

“Are we doing what’s necessary to protect our business and its IT assets?”

Cyber security technology now reliably automates the laborious and time-consuming tasks of data gathering and analysis, and frees up resources to perform higher-value interpreting tasks. Not dissimilar to the industrialisation of many human activities, machines can perform some data processing tasks more accurately and efficiently.

Managing the cyber-attack surface, areas where IT assets and their exposure to vulnerabilities can merge to create potential points for unauthorised access to your IT systems, demands particular defensive efforts. A detailed level of “inspection” and analysis of security information about a detected risk is required to assess the effectiveness of the controls. An attack can occur from any unmitigated vulnerability so it’s very important to be able to measure and have visibility of how effective the mitigating controls are around it.

Time saved pays dividends

Empirical cyber risk information informs security stakeholders across the enterprise: security and risk teams and their mitigation efforts, of 3^rd party suppliers compliance levels, senior executives in their risk management efforts and directors in their cyber security oversight.

So if specialist cyber security talent is in short supply as current surveys suggest, organisations must review resource hungry and burdensome processes and replace the business process with data-driven security information systems that evidence and inform more effective cyber security decision making.

BLOG POSTS

Joint Advisories keep coming: Heads in the clouds

April 10, 2024

As predicted in early 2024 another joint advisory was recently released from the Five-eyes intelligence and cyber security community. This time the advice relates to governments and corporations moving to cloud infrastructure...

Operational Resilience – Your obligations and FCA PS21/3

March 18, 2024

Operational resilience requirements are being rolled out across the UK and beyond. UK finance firms are required to improve their operational resilience in accordance with Financial Conduct Authority (FCA) Policy Statement PS21/3 (the Policy).

Getting value from your cyber investments

February 5, 2024

A recent KPMG Report suggests that protecting against and dealing with cyber risks will be the major challenge for senior executives in 2024. It is clear that despite high levels of security investment, organisations continue to suffer from cyber attacks.

Agency resilience, compliance & reputation: a cyber governance perspective

January 31, 2024

The Australian Signals Directorate’s (ASD) recent publication of their Cyber Threat Report 2022-2023 unearthed a range of areas for concern for government departments and critical infrastructure entities at local, State and Federal level.

How to improve access to cyber insurance & re-insurance

October 13, 2023

As cyber risks increase, organisations are encountering the longer life cycle of insurance renewals and the need to demonstrate better management of security controls and their effectiveness.

A tale of two conferences

October 6, 2023

Highlights and insights from the recent Managed Services Summit in London & the ISACA Central Chapter Conference on Digital Trust, in Birmingham, UK. With two recent conferences in the space of three days, some interesting challenges were very evident in the topics discussed. Being very different events, the challenges were quite different, but interestingly they […]

2022’s least wanted: Rockstar vulnerabilities that should be has-beens

September 28, 2023

In early August 2023, the latest joint advisory on persistent vulnerabilities was issued by the intelligence and security agencies[1] of the “Five-eyes” community. These joint advisories are becoming more common. Perhaps recognising the growing importance of shared security information and the common nature of many of the threats faced – the weight they carry makes […]

Active management for operational and cyber resilience

September 27, 2023

The quality of your risk assessment and the security information it provides is important; if you plan to use it to actively manage your operational and cyber resilience activities. Organisations are constantly exposed to a rapidly changing threat environment, so you really need a similarly rapid evidence-based feedback system that informs you of the ongoing […]

Applying an Australian regulator’s cyber audit findings, in a UK context

September 26, 2023

The UK market has its own regulators, security standards and challenges. And while rulings from SEC in the US or the Australian Prudential Regulation Authority (APRA) in Australia don’t apply to UK companies, for the most part, the observations are undoubtedly relevant and the resulting advice instructive. It would be wrong to think UK financial […]

Cyber Gap Measurement & Evidence – The New Standard of Quantifiable Internal Assessment

September 18, 2023

<<< Part 2a: Australia’s Essential Eight: Beyond Endpoint Control <<< Part 2b: Activating UK NCSC & US NIST Guidelines: Beyond Endpoint Control Part 4: Systematic Measurement of Cyber Controls >>> As much as we invest into cyber security controls, external threats are inevitable. In a recent Notifiable Data Breaches Report from the Office of the […]

SIGN UP TO RECEIVE CYBER SECURITY INSIGHTS

Read by directors, executives, and security professionals globally, operating in the most complex of security environments.

Industries

Government

Financial Services

Critical Infrastructure

Health

Shipping, Freight & Logistics

Defence & Intelligence

Cyber Security Predictions for 2024

Quick Links

About

Training & Support

Testimonials

Partners

News & Media

Events

Leadership Team

Careers