by Ian Heritage
CISOs across the globe are worried about cybersecurity industry skills shortages. These concerns have been around for years, of course, as have recruitment challenges. But new research from Trend Micro reveals that organisations are looking to mitigate some of the worst effects of these shortages through greater use of automated machine learning tools.
Let’s be clear, ML is not a silver bullet. But it could be effective as part of a more holistic approach to security focused around reducing unnecessary threat alerts.
From crisis to epidemic
Cybersecurity skills shortages were once an industry crisis. But today the problem has reached the status of a global epidemic. Industry estimates put the shortfall in skilled professionals at just under three million, including 142,000 in EMEA. Separate government figures suggest that over half (57%) of all UK firms and charities have a “basic technical cybersecurity skills gap.”
Some governments are doing their best to address the challenge. The UK’s CyberFirst programme aims to encourage school-aged pupils to take an interest in the sector, for example. But it will take a long time to fill the pipeline with new talent, while in the meantime, older industry practitioners continue to retire. Other initiatives like the UK’s Cyber Skills Immediate Impact Fund provide a shorter-term fix, but are too piecemeal and too short on funding to make a serious impact on the problem.
Meanwhile, the black hats continue to exploit any shortfall in organisations’ IT security skills. They’re empowered by a cybercrime economy estimated to be worth $1.5tr annually, providing all the tools they need to launch attacks and a readymade marketplace to sell stolen data on. Trend Micro blocked over 48 billion threats last year. Yet even this figure was down on previous years as attackers get more covert and targeted. They’re exploiting the fact that firms have an increasingly large attack surface – expanded by cloud services, mobile devices and IoT endpoints – and are drowning under a tsunami of patch updates and threat alerts.
Consolidate and integrate
It’s perhaps no surprise that half (49%) of those IT and security decision makers we spoke to globally believe a shortage of in-house skills is exposing them to greater risk of a breach. Most (63%) are responding by planning to invest in AI to automate key processes, believing it will help to mitigate the problem.
They’re partly right. AI and machine learning could help to spot patterns in network data indicating malicious activity that human eyes may miss. But they still need human analysts to train them and interpret the results. Some vendors add “AI” and “machine learning” to promote point solutions which in reality will fail to do much to help out under-pressure IT teams.
The key here is to view the security environment in a more holistic manner. Many teams are stretched to the limit with too many alerts from too many products, which means key threats may get missed. The answer is to consolidate onto fewer vendors: ideally one expert provider like Trend Micro with a connected threat defence approach in which all tools share the same underlying intelligence.
We use machine learning in our XGen approach to spot certain sophisticated threats that other tools may miss. But the overall strategy is to provide a smarter, more integrated security offering that will produce fewer, higher-quality alerts. That’s the way to maximise the time and talent of in-house teams.