CIO OPINION
consider alternative methods to plug this
cybersecurity skills gap. In addition to
better pay, opportunities for promotion and
development and flexible working hours,
one key factor in retaining cybersecurity
employees is the type of work they are
engaged in.
According to findings from the survey,
the cybersecurity activities that provide
respondents with the greatest level of
enjoyment are threat hunting/finding
vulnerabilities (55%), resolving threats
(55%) and preventing threats entering the
network (54%). It’s perhaps no surprise that
such types of cybersecurity work appeal to
many security staff, with 21% of security
professionals saying a threat hunter position
either in their current organisation or
elsewhere is a career aspiration.
2. Automation
By pairing human intelligence with
automated tasks and putting human-machine
teaming into practice, automated
programs handle basic security protocols
while practitioners have their time freed up
to proactively address unknown threats.
This not only improves the organisation’s
cybersecurity posture but, as detailed above, is
also a key driver of higher employee satisfaction.
At its core, there are essentially three pillars
to an effective automation strategy:
Integration
Integrating detection and response systems
is an essential part of automating the
cybersecurity environment to help employees
deal with the volume of information and
identify the pieces that matter.
Security information and event management (SIEM)
A SIEM product has continuous access to
a data feed from across the cybersecurity
estate. It analyses areas such as DNS data,
perimeter firewalls and VPN traffic. It can be
configured to identify suspicious patterns
or activities on the network and carry out
immediate automated historical analysis.
This not only aids detection but can speed
up incident response times, potentially
mitigating the damage to data and systems
from any breach.
“A growing cybersecurity threat landscape and a skills shortage are ever-present challenges.”
Machine learning
In relation to cybersecurity, machine
learning is changing the game within
corporate environments by managing
massive amounts of data. Although some
actions may need to be managed through
human intervention, machine learning
can take care of much of the easy and
predictable work. For example, it can be used
to set correlation rules to make the same
review decisions you make on a routine
basis, and then set alarms, create watch lists,
or use scripts to package and forward data.
With machine learning, you can automate
advanced classification and scoping and
prioritisation of security events, making it
possible to perform both predictive and
prescriptive analytics.
3. Use of Gamification
Gamification, the concept of applying
elements of game-playing to non-game
activities, is growing in importance as a
tool to help drive a higher performing
cybersecurity organisation. Within
organisations that hold gamification
exercises, hackathons, capture-the-flag, red
team-blue team or bug bounty programs are
the most common, and almost all (96%) of
those organisations that use gamification in
the workplace report seeing benefits.
However, there is huge room for
improvement in the use of gamification as
a tool to win the cybersecurity game. One
area of improvement, in terms of talent,
might lie outside the typical cybersecurity
hiring profile, in a generation entering the
www.intelligentcio.com