A CrowdStrike® on-demand webcast, presented by Product Marketing Director Jackie Castelli, examines the critical shortage organizations are facing as they strive to fill open IT positions: “When Security Expertise is Scarce: How to Close the Cybersecurity Talent Gap.” The webcast offers recommendations that can help organizations fulfill the cybersecurity needs created by today’s lack of qualified cybersecurity personnel.
The webcast begins by outlining the current shortage of cybersecurity talent that is impacting organizations across all industries. This is a topic that CrowdStrike addressed earlier in a blog by Castelli. As she points out in the webcast, “The math is simple: In the U.S. there are 350 thousand openings in cybersecurity and experts predict there will be 1.5 million by 2021.” She goes on to explain that according to an ESG survey, 45 percent of organizations claim they have a problematic shortage of cyberskills. (Since this webcast was delivered, ESG has raised that number to 51 percent.)
Adverse Effects of the Talent Gap
Castelli points out a number of ways the serious shortage of skilled cybersecurity professionals is adversely impacting organizations:
- The shortage has forced companies to hire junior staff, who will need time to acquire the experience to perform the critical security tasks that organizations require.
- The huge volume of alerts generated by legacy security solutions, coupled with a lack of resources, results in incidents going uninvestigated. Castelli says that some studies show that only 19 percent of alerts can be handled by security teams. “In one study, 55 percent of the 1,600 people surveyed said they received more than 10,000 alerts a day – that gives security staff only 2.5 seconds per alert to respond,” she says.
- As the gap in security talent grows, the sophistication and frequency of the global threats organizations face are also increasing, making cybersecurity talent gap a top-level concern for CISOs in every industry.
- According to industry analysts, the talent shortage is so severe that many organizations lack the skill to use the cybersecurity technology they have acquired.
A National Security Concern
The wecast highlights the magnitude of the talent gap by explaining that it has become a matter of national security, as evidenced by a recent report from the U.S. Departments of Commerce and Homeland Security titled “Securing the Growth and Sustainment of the Nation’s Cybersecurity Workforce. ” Castelli explains, “Government understands that having a trained workforce is vital to cybersecurity – making this an issue even at the highest level.”
She also argues that the talent gap is worsening as attacks increase in both volume and sophistication, and touches on what she calls the “trickle-down effect” in adversary activity: “Nation-state actors have developed technology that is trickling down and ultimately getting into the hands of less sophisticated actors.”
Long-Term Solutions Are Important
Castelli also covers some of the short- and long-term solutions that are underway to address the cyber skills shortage. In the long term, many organizations and institutions are pursuing initiatives to grow the talent pool, such as the move in academia to expand cybersecurity curricula. There are also new frameworks emerging for training a cybersecurity workforce, such as the U.S. government’s NICE (National Initiative for Cybersecurity Education) framework. These programs often work hand-in-hand, she explains. “The qualifications necessary to be a doctor or a lawyer are well-established but so far there hasn’t been one for being a cybersecurity specialist. Programs like NICE are putting some boundaries around those functions and helping define them better, which in turn, helps academicians develop the programs that will build the skill sets needed to fill those jobs.”
However, she also points out that these long-term solutions will take years to come to fruition, “The challenge with long-term programs is that it takes 4-5 years to get someone through them and prepared to fill a role. So, while this is something we absolutely have to do today, we are not going to be able to benefit from it right off the bat.”
Short-Term Solutions Are Needed Now
While the webcast emphasizes the value of long-term solutions, the need to solve this problem for organizations in the short term is even more important. Castelli presents three short-term solutions that organizations can implement:
The goal with automation is to reduce the number of humans needed to perform repetitive tasks that can be done via automation. Toward this goal, she outlines the emergence of artificial intelligence (AI) and machine learning (ML) as prime technologies to fill this role. “AI applies triage so that a human doesn’t have to spend time figuring out if an alert is worth responding to or not, and ML makes it possible to identify the unknown.”
Castelli cautions that automation alone is not the answer, “Automation allows us to enhance human performance, but it can’t fully replace it – there will always be things such as false negatives and false positives that demand human analysis,” she says.
Outsourcing and Threat Hunting
Castelli points out that managed services can help, but it can be costly and challenging for organizations to deploy. She states there is also a demand for threat hunting, but explains that staffing an in-house team is difficult – exacerbated by the talent shortage. For this reason, managed threat hunting has emerged as a possible solution for organizations that lack the resources to operationalize this solution in-house.
The Answer to The Critical Talent Gap: CrowdStrike Falcon Complete
The webcast concludes with a discussion of CrowdStrike Falcon™ Complete™, the comprehensive solution designed to help close the cybersecurity talent gap by combining the people, processes and technology that organizations need to combat today’s prolific and sophisticated adversaries.
Here is how Falcon Complete puts cybersecurity expertise and technology to work for organizations 24/7 – the results are better protection, better performance and immediate time-to-value:
Cloud-Native Architecture: The Falcon agent is installed on your endpoints, with all next-generation endpoint protection features delivered and managed via the cloud – including AI, ML and indicators of attack (IOAs), which can detect threats other solutions don’t see, including unknown and fileless attacks.
CrowdStrike Threat Graph™: The brains behind CrowdStrike technology is the Threat Graph, which processes over one trillion events per week. Castelli says, “With Threat Graph, CrowdStrike can automate 50,000 decisions per minute — that’s how fast we can respond to a threat and why CrowdStrike stops up to 30,000 unique breaches a year.”
Falcon X threat intelligence automation: Many customers lack the resources to be able to take full advantage of threat intelligence, even if they have access to it. As Castelli explains, “Falcon X provides attack attribution when applicable, and analyzes quarantined files to let users know the scope and severity of findings, such as a piece of malware in their environment. This is all done automatically, with no interaction needed from the customer.”
Proactive threat hunting: Falcon Complete provides a team of seasoned threat hunting experts, who search for threats in customers’ environments 24/7. For many organizations, “Mounting this sort of resource internally would be virtually impossible. Although you might have an expert who could cover one or two of areas — it would be hard to find someone who could cover all aspects,” Castelli says.
Breach prevention warranty: Castelli closes her discussion of Falcon Complete features by addressing the Falcon breach prevention warranty, which guarantees coverage of up to $1 million if a breach occurs on any system protected by Falcon Complete.
Case Study of an Attack
The webcast concludes with a discussion of an actual attack CrowdStrike investigated where Falcon Complete was deployed to handle the aftermath and ongoing security. The discussion of an attack by Emotet, a banking Trojan — which is discussed in detail in the 2019 Global Threat Report — illustrates the speed and effectiveness Falcon Complete delivers.
The Time Is Now
Castelli sums up the importance of closing the security gap and the challenge organizations face as follows, “The best time to plant a tree was 20 years ago, and the next best time is now.” When it comes to filling the gap in getting your cybersecurity ready, she explains, organizations face a battle that will only get harder, if they don’t address these issues today.
- Watch the on-demand webcast: “When Security Expertise is Scarce: How to Close the Cybersecurity Talent Gap.”
- Learn more about Falcon Complete by reading the white paper: “CrowdStrike Falcon Complete: Instant Cybersecurity Maturity for Organizations of All Sizes.”
- Download the “CrowdStrike 2020 Global Threat Report”
- Learn more about the CrowdStrike Falcon platform by visiting the web page.
- Get a full-featured free trial of CrowdStrike Falcon Prevent™ and learn how true next-gen AV performs against today’s most sophisticated threats.