Addressing the Cybersecurity Skills Shortage

Addressing the Cybersecurity Skills Shortage


Even more difficult than getting approval for an added headcount to address your cybersecurity concerns is finding the right person to fill that hard-fought opening. There are two factors at work in this HR challenge. The first is the competition to find a cybersecurity worker and the second is to ascertain whether the worker has the right skillset and technical knowledge to meet the needs of the position.

314,0001 and 1.8 Million2 – the number of cybersecurity job openings in the US market in 2019 and the number of global cybersecurity workforce shortage projected by the year 2022, respectively. These numbers are great if you are a college student majoring in cybersecurity, but they are worrisome if you are an organization trying to protect critical assets and confidential properties (both physical and intellectual). When you put these two contrasting need and workforce trends together, the resulting gap has proven to create material deterioration in a company’s security readiness.

In the oft referenced study of the international shortage in cybersecurity skills conducted by Center for Strategic and International Studies3, the solution to the skills shortage for most of the respondents was to rely on cybersecurity technology and outsourcing to experts. But even a cursory search of the available cybersecurity products and solutions reveal a bewildering number of offerings.

It is easy to get drawn to the latest and greatest shiny technology but most commercial customers want a solution that will meet their security requirements, with an affordable price, that is quick to deploy and easy to maintain – in other words, they are interested in the “Total Cost of Ownership.” Many cybersecurity solutions require specialized knowledge, training, or expert resources that already have those skillsets, which can raise the cost significantly by requiring dedicated personnel or outsourced assistance. So then you’re back to first base and smack dab into the workforce shortage that drove you to third party solutions to begin with.

Data diodes offer a category of devices that can help mitigate issues created by the cybersecurity skills shortage. They are hardware-based solutions that are unhackable in their inherent design (physically enforced, rather than enforced by software configuration or policy), which obviously makes them highly secure. As an added benefit, they do not require dedicated resources to constantly maintain and keep up to date with rule revisions and patches.

This has proven particularly helpful to industrial and CI organizations which are primarily dedicated to uptime and safety, rather than cybersecurity. Once the data diode is set up (usually within minutes) the system simply works and is usually left alone until the next patching window (for feature upgrades and optimization). Owl Cyber Defense solutions have been protecting hundreds of government and CI customers and facilities for many years, and now other markets such as financial services, pharmaceuticals, transportation, and more are beginning to realize the security and cost benefits of Owl data diodes.

In a world of increasing number of unsecured connections and continuous streaming of proprietary data to the cloud, data diodes can protect your network and alleviate risks while requiring only a fraction of the cybersecurity and IT resources in comparison to commonly utilized solutions like firewalls and expensive threat analysis tools.

If those factors sound attractive and would fulfill your needs, I encourage you to reach out to Owl Cyber Defense and see our range of data diodes products and solutions that would best fit your requirements.

 

  1. CyberSeek Cybersecurity Supply/Demand Heat Map, https://www.cyberseek.org/heatmap.html
  2. The U.S. Secretary of Commerce and the U.S. Secretary of Homeland Security, A Report to the President on Supporting the Growth and Sustainment of the Nation’s Cybersecurity Workforce, https://www.nist.gov/sites/default/files/documents/2018/07/24/eo_wf_report_to_potus.pdf
  3. CSIS, Hacking the Skills Shortage, https://www.mcafee.com/enterprise/en-us/assets/reports/rp-hacking-skills-shortage.pdf

How IIoT and the Cloud are Upending the Purdue Model in Manufacturing

The Purdue Model of Control Hierarchy is a framework commonly used by manufacturers in pharmaceuticals, oil and gas, food and beverage, and other verticals to group enterprise and industr...
September 11, 2019
Gary McGibbon Business Development Manager - Financial Services

Capital One as a Canary in the Cloud Coal Mine: Part 3 – Conclusions

If the Capital One sysadmin had just changed the WAF password... In the final part of our blog series on the Capital One breach, I want to discuss the conclusions reached based on the vu...
August 15, 2019
Gary McGibbon Business Development Manager - Financial Services

Capital One as a Canary in the Cloud Coal Mine: Part 2 – Findings

"That is a pretty egregious oversight." In the second part of our three part series on the Capital One breach, I want to discuss the vulnerabilities and other elements that went into the...
August 13, 2019