In our recent blog on the cyber skills gap, we saw that the foundations of IT security are being undermined by a lack of expertise. The predicted shortage of 1.5 million security professionals will have serious repercussions – but should today’s organisations be even more focused on recruiting data scientists?
Right now the lines between traditional cybersecurity and data analytics are starting to blur, with data scientists set to play a crucial role in the next generation of security. We’re evolving towards an intelligent, data-driven approach that can turn today’s deluge of logs, events and threat feeds into truly actionable insights. With data-driven security organisations can alleviate the pain of the cyber skills shortage by intelligently focusing scarce resources where they’re needed most. Better still, data-driven security empowers businesses to make more informed decisions across the board and pre-emptively defend against the most dangerous threats.
The difficulty of data
Unfortunately, the rise of data-driven security may help to solve one skills shortage only to create another. With 63% of organisations now investing in or planning to invest in threat intelligence, the demand for data scientists has exploded. In the US, there’s already a shortage of up to 190,000 people with analytical expertise, as well as 1.5 million managers with the skills to understand and make decisions based on big data insights.
To join the dots in complex data and identify the patterns that signify critical threats, organisations need access to rare people with an exceptional understanding of offensive security. However, data scientists come from a wide range of backgrounds: often organisations must choose between those with statistical and mathematical skills, computer science skills, or business skills. Needless to say, finding data scientists with expertise in all three areas is a costly and challenging proposition. Even access to such expertise is not enough, however.
To harness the potential of data-driven security effectively, organisations also need to arm analysts with versatile forensic tools that can apply their expertise to the modern security challenge. Crucial too is machine automation; big data analytics platforms must first aggregate and correlate millions of security logs if data scientists are to focus their limited time on the threats that matter.
A service solution
Given the enormous investments in specialist people, processes and technologies that data-driven security demands, no organisation should attempt to go it alone. A service-led approach is the only practical, efficient and cost-effective way to make data-driven security a reality. Service providers can invest in the outstanding data scientists and technologies necessary to turn raw intelligence into actionable, contextualised insights because they spread the cost across thousands of customers. Meanwhile, by opting for a service-led approach, organisations can de-risk the adoption of data-driven security, as well as benefit from a rapid rollout, massive scalability and far greater cost-effectiveness. Better still, all this can start today.
With SecureData GI, we’ve turned data-driven security into a reality: taking intelligence from within an organisation, combining it with global threat data, extracting actionable insights in the cloud, and then delivering it seamlessly back into customer businesses.
Unlike some “security intelligence” offerings today, SecureData GI delivers a truly end-to-end, pre-integrated solution. We believe we’re at the cutting-edge of data-driven security and others must agree: our CEO, Etienne Greeff, has just been named as one of the UK’s top 50 data leaders and influencers. In this light, the main challenge preoccupying organisations today shouldn’t be the cyber skills gap, the deluge of security logs, or even multiplying threats – it should be finding the right partner to deliver on the enormous potential of data-driven security.