Page 64 - Cyber Defense Magazine for August 2020
P. 64
Can We Better Leverage Our – Already Scarce – Cyber
Security Human Resources?
By Douglas Ferguson, Founder & CTO, Pharos Security
It is accepted that there is a significant cyber security skills deficit. The result, it is argued, is that cyber
security teams do not have access to the human resources they need to be successful. Therefore, CISOs
and security teams cannot effectively protect their organization from cyber breach and impact. Often left
unsaid is that cyber security teams often undermine themselves by poorly calibrating and pitching
resource requirements and inadequately leveraging available expertise.
Security can be described, in simple terms, like a wall. Where the height corresponds to the level of threat
sophistication security can counter, the width corresponds to coverage, and the depth corresponds to
types of control (predict, protect, detect, respond, recover). Each of these dimensions strongly influence
the costs of a security program – and the ability to control breach outcomes vs. different types and
sophistications of attack.
Not enough expertise
These are two key issues surrounding perceived expertise shortages:
1. The over reliance on high-end expertise
2. The suboptimal leverage of adequate expertise
Cyber Defense eMagazine – August 2020 Edition 64
Copyright © 2020, Cyber Defense Magazine. All rights reserved worldwide.