Can We Better Leverage Our – Already Scarce – Cyber

                                      Security Human Resources?


                                   By Douglas Ferguson, Founder & CTO, Pharos Security


            It is accepted that there is a significant cyber security skills deficit. The result, it is argued, is that cyber
            security teams do not have access to the human resources they need to be successful. Therefore, CISOs
            and security teams cannot effectively protect their organization from cyber breach and impact. Often left
            unsaid  is  that  cyber  security  teams  often  undermine  themselves  by  poorly  calibrating  and  pitching
            resource requirements and inadequately leveraging available expertise.

            Security can be described, in simple terms, like a wall. Where the height corresponds to the level of threat
            sophistication security can counter, the width corresponds to coverage, and the depth corresponds to
            types of control (predict, protect, detect, respond, recover). Each of these dimensions strongly influence
            the  costs  of a  security  program  – and  the ability  to  control breach  outcomes  vs.  different  types and
            sophistications of attack.



            Not enough expertise

            These are two key issues surrounding perceived expertise shortages:

               1.  The over reliance on high-end expertise
               2.  The suboptimal leverage of adequate expertise





            Cyber Defense eMagazine – August 2020 Edition                                                                                                                                                                                                                        64
            Copyright © 2020, Cyber Defense Magazine.  All rights reserved worldwide.