Raise your hand if you are aware that a (worsening) massive global skills shortage is afflicting the cybersecurity industry, leaving many organizations open to greater attack and breach risk because they lack the appropriate talent and skills to defend against their adversaries.

Now that everyone’s hand is raised, we can move on to thinking about solutions. As we await fundamental recruitment adaptations within the industry, one technology has emerged that is providing a timely and effective stopgap: automation and orchestration.

Security orchestration, automation and response, commonly known as SOAR, is one of the most talked about technologies in cybersecurity these days – and with good reason. The right SOAR security platform, coupled with good implementation, can go a long way in helping security teams reduce alert overload, orchestrate the multitude of tools in use, and build automated, repeatable processes that slash response times and ultimately allow security pros to focus their time on higher-value work.

The cherry on top is that those benefits connect to the much-maligned skills shortage.

3 Ways SOAR Can Help Solve the Security Skills Shortage

1) Keeps Morale High

Job-induced stress and burnout were not foreign to the security operations field prior to COVID-19, and the pandemic has likely only exacerbated an already delicate situation. A joint research report between Enterprise Strategy Group and Information Systems Security Association concluded that the health crisis has “increased (cybersecurity professionals’) workloads, increased the number of meetings they have had to attend and increased the stress levels associated with their jobs.”

SOAR, of course, cannot solve the emotional aspects of a sudden shift to remote work, including the experience many security professionals are having finding balance and setting boundaries. Where the technology can assist is with one of the factors that may be contributing to poor work-life equilibrium, at least for SecOps personnel: rising numbers of attempted attacks and emerging risks that are being met with inadequate staff. SOAR works by ingesting the multitude of alerts firing from security tools and taking automated actions on them, reducing the burden on your SecOps staff so they don’t always feel like they are behind the eight ball.

2) Leverages Existing Talent in More Impactful Ways

Addressing all those alerts and events undoubtedly comes with its share of mundane, repetitive and time-consuming work. But in addition to being able to remove the unromantic parts of the job, SOAR helps to solve key skills deficiencies facing organizations: a lack of talent in disciplines like threat hunting, security architecting and incident responding. 

If the existing pool of talent you’re working with is already scarce, you might as well extract as much value from it as possible, while keeping employees challenged and inspired. Shedding console fatigue and switching on critical thinking will lead to a more satisfied SOC team, and with its focus now directed on higher-value tasks, your security maturity stands to grow in the process.

3) Its Collaboration Capabilities Empower Remote Work

Most security professionals would agree that the new work-from-home normal has introduced a greater number of potential blind spots, largely due to increasing adoption of public cloud and new remote connection requirements. However, the silver lining of faraway work is that it has expanded the talent pool. Organizations that may have previously concentrated their candidate search on a certain location are now likely more open to hiring from outside of that geography.

SOAR is built to enable collaboration and communication among analysts and engineers so their work can continue unimpeded, even if they are all seated in far different locations. Studies have shown that working from home has driven a stark improvement in collaboration among security, IT and network teams, so it would stand to reason that similar synergy will be necessary among distanced SecOps staff, and SOAR can help enable that.

Dan Kaplan is director of content at Siemplify.
