Page 250 - Cyber Defense eMagazine Annual RSA Edition for 2024
P. 250
how it processes and triages alerts, they still won’t get through the thousands they get per day. We cannot
solve the security challenges we face today with more bodies. This is painfully obvious to anyone who
has fought in the trenches of cybersecurity for any real length of time.
So Now What?
To pull this industry out from the catastrophic nose-dive it’s in right now means adapting and evolving.
Let me explain.
Hire smarter, then retain your talent
Identify recruiting organizations (in-house or outsourced) that understand the industry, speak the
language, and can locate talent. To help them find the right staff for you, write your job descriptions and
requirements with humility and realism. Interview intelligently, onboard swiftly, and make people feel like
they’re part of a team and valued. Then require (not offer, require) continuous education and training so
they stay sharp and up to date.
Now to keep these people from leaving as soon as they’re trained up, offer them competitive
compensation, a flexible and adaptable work environment, and work-life balance. For bonus points, hire
people who may lack experience but have potential – and give them the opportunity to become experts
and earn great job roles that are rewarding and exciting. By the way, if you’re not looking at American
military professionals coming back into civilian life and looking for work as cross-train opportunities, you’re
missing a massive potential pool of great talent.
Automate intelligently
There’s no way to analyze petabytes of log files, packets, and alerts by simply having people look at
them. You can’t scale threat detection and analysis with more people. If you don’t believe me, go look at
some of the most efficient Security Operations Centers (SOCs) in the world and check out how many
people they have. They’re not massive, but they do automation at a scale you can only dream of.
Automate as much of the mundane, boring, tedious human processes as you can – we have mountains
of technology for that today. If you haven’t bought in, now is the time. Empower your existing staff to be
able to do more by amplifying their efficiency and brain power with modern tools. With all the talk of AI
out there, maybe it’s time to explore that avenue as well.
Cross-train with IT
Odds are there are people inside your IT organization right now who are trying to figure out how to join
your security team. They haven’t done so because you’ve likely not given them a pathway (and, chances
are, they’ll eventually go join a different company who will give them that pathway). CISOs should invest
250