Automation Expected to Create Cybersecurity Skills Gap

By 2021, it’s expected there will be 3.5 million unfilled positions in the cybersecurity sector, according to research from Sausalito, Calif.-based Cybersecurity Ventures. Complicated by automation, these numbers could compound a problem of a potential skills gap of epic proportions that could plague industries and businesses around the world.

Seattle-based DomainTools, which provides a proprietary threat intelligence and investigation platform, announced the results of its annual “Staffing the IT Security Function in the Age of Automation” report — in conjunction with the North, Traverse City, Mich.-based research center Ponemon Institute. The study analyzed the effect of automation on current IT security practices and staffing in the U.S., UK and Asia Pacific, and found automation adoption rising but these technological developments further confounding the industry’s hiring needs.

The research revealed the U.S. embracing automation at a faster pace than in other areas, with 79% of respondents saying they already use automation, or are preparing to in the next three years. Overall, the U.S.-based findings demonstrated an increase in confidence in job security, and meaningful benefits brought forth by automation, including improved efficiency and productivity among security staff.

Nevertheless, difficulties persist in addressing the skills gap as organizations increase their automation use. The report indicated developments in automation tools for cybersecurity have directly influenced hiring and resource allocation among respondent organizations, two-thirds of which are global organizations with at least 1,000 employees. (Financial services, representing 17% of respondents, was the largest segment).

According to the report, 46% cited an inability to properly staff their IT functions with skilled personnel, and noted that the gap in advanced cyberskills has driven an enlarged outlay in cyber-automation technologies. Moreover, 73% of respondents based in the U.S. revealed the IT security function is typically understaffed; 70% of respondents in the UK and 67% of APAC-based respondents share these sentiments.

In comparison to last year’s study, more respondents (65%) in the U.S. now believe that human involvement in security is important in the age of automation, with 48% saying automation will increase the need to hire people with more advanced technical skills. “Within just one year, the perspective around adoption of automated technologies has notably shifted among security professionals,” Dr. Larry Ponemon, chairman and founder of the Ponemon Institute, said.  “Contrary to the popular belief that the rise of automation will threaten the job market, organizations now feel these technologies will help ease the current strain on resources, and offer the potential to promote job security for highly skilled staff, while strengthening cybersecurity defenses.”

The research also revealed 40% of teams typically spend 51-100 staff hours per day triaging and investigating alerts, and 19% spend more than 100 hours. Moreover, 53% of respondents said their organization does not have enough staff to monitor threats 24/7. The findings also specified automation will improve teams’ abilities to prioritize threats and vulnerabilities, and increase the speed of analyzing them. This introduces new complexities around hiring needs, as a higher level of expertise is needed to leverage automation.

The majority of respondents indicated that the jobs most likely to be automated in the next three years are activities that require lower skill levels (e.g. log, malware and threat analysis), while higher tier work, such as attack simulation and threat hunting are not as widely expected to become fully automated.

“The uptick in automation adoption indicated by survey responses is promising as it illustrates the adaptability of security teams in a continually evolving security landscape,” Corin Imai, senior security advisor, DomainTools, said. “While the industry is becoming more comfortable with automation, and the technology is delivering a range of benefits, such as better prioritization of threats and increased productivity, the need for experienced staff remains significant. Automated technologies will certainly augment existing expertise and alleviate some of the resource limitations organizations face, but they are not a silver bullet to fix the existing skills gap.”

Additional trends revealed:

• Fifty-four percent said reliance on legacy IT environments prevents the adoption of automation.
• Sixty percent reported automation will be used for threat hunting in the next few years.
• Sixty-one percent did not think they will lose their jobs because of automation, with 51% citing its inability to replace human intuition and hands-on experience as the primary reason.
• Artificial intelligence is now a trusted part of security solutions for 70%; 43% said AI provides an additional layer of monitoring that they don’t currently have in place.