“My people are overworked! We are understaffed! And you keep increasing the attack
surface!!!” Thus said every security person ever. To a large degree, the words ring true.
Organizations are taking advantage of new technologies that increase the threat vec-
tors for their already strained security resources. As bad as that is, it is simply the natu-
ral evolution of business, where organizations must maintain their technical debt while
reaching out to take advantage of the next generation of technologies. Enterprises also
need to become more agile and responsive. Not only is the attack surface expanding –
the business side wants IT to move faster.
“According to ESG research, 51 percent of organizations report having a ‘prob-
lematic shortage’ of cybersecurity skills in 2018. This is up from 45 percent in
2017. This skills shortage has multiple implications. Organizations do not have
the right sized teams, and operate in a perpetually understaffed mode. Often, the
cybersecurity team lacks some advanced skills in areas like security analytics,
forensic investigations or cloud computing security, putting more pressure on the
most experienced staffers to pick up the slack.”
—CSO Online FEB 6, 2018
FALL 2019 | THE DOPPLER | 7