Is it the End of the Cybersecurity Skills Gap Crisis Yet?

Last updated at Fri, 01 Dec 2023 19:42:49 GMT

In just 4 years, you can learn to be fluent in Mandarin.

In 2 years, NASA can get you through astronaut training.

But the cybersecurity skills gap? It's dire and dead-stuck in its fifth straight year of zero progress.

Globally, 3.5 million cybersecurity jobs remain unfilled, and of those candidates who do apply for open jobs, only 25% are qualified. Industry news and conferences are full of hot takes about XDR and how it will change everything in, say, another 5 years. The question is, who has that kind of time?

And don't count on artificial intelligence to save the day: While it will be used to combat attacks with something like a “digital immune system,” the bad guys will use AI to enable attacks, too. We'll always need humans and machines to collaborate, each doing what they do best.

Why the answer can't be (and isn't) another 5 years away

You know digital transformation and cloud migration are straining traditional security tools. Most enterprises are cobbling together a (sort of) full picture, running an average of 45 different cybersecurity-related tools on their networks. Most have arduous deployments, long ramp-ups, and heavy configurations. When all that's done, they're still tracking multiple threat intelligence feeds, drowning in alerts, and processing them manually. (ISC)2 is piloting a new, entry-level cybersecurity certification for fresh talent. Can anyone really train for all that?

But right now, today, a number of Rapid7 customers are achieving XDR efficiency and outcomes with InsightIDR. It's reducing workloads, simplifying operations, easing staffing requirements, and preventing burnout. (If you haven't yet, take a look at InsightIDR's origin story, and you'll understand exactly how and why.)

XDR is here, helping analysts at every level operate like experts

InsightIDR – a cloud-native, SaaS-delivered, unified SIEM and XDR – gives you contextualized intelligence from the clear, deep, and dark web, along with expertly vetted detections and the guided automation teams need. It fundamentally changes data analysis, investigation, threat hunting, and response.

Teams get curated detections out of the box, as well as a prescriptive approach to attacks. Expect automated response recommendations and prebuilt workflows for activities like containing threats on an endpoint, suspending user accounts, and integrating with ticketing systems like Jira and ServiceNow. Wizard guides help even the greenest analyst know where to go next.

InsightIDR also opens up end-to-end automation opportunities. You can automate common security tasks that reduce noise from alerts, directly contain threats such as malware or stolen credentials, integrate with ticketing and case management tools, and more.

Analysts handle anomalies quickly and well with intuitive search and query language, attribution of data to specific users, detailed correlation across events, and visualizations. InsightIDR lightens the workload and gives analysts a big jump start on the things that matter most.

A prediction

The day is coming (and who knows — it might be here) when cybersecurity job candidates will want to know exactly what technology they'll be working with at your company. They'll expect XDR. And they'll have their own interview questions:

• Are the more mundane, repetitive tasks automated yet?
• Are you still tab-hopping, multi-tasking, and working distracted?
• What's your signal-to-noise ratio these days?
• What's the stress level like? Is it really a 40-hour week?

Millennials (ages 25-40) and Gen Z (recently in the job market and our future) are the most tech-savvy generations yet; Gen Z in particular is off the charts. Both put work-life balance above any other job characteristic — including pay and advancement opportunities. Techvalidate just asked InsightIDR customers if the platform ushered in better work-life balance. Almost 40% said yes.

The workplace is already trying to adjust, culturally and otherwise.

Both Millennials and Gen Z experience more anxiety and stress than older workers and their bosses. And while Millennials hope and angle for good work-life balance, Gen Z demands it rather assertively. They'll ask for “mental health days” from time to time. No job gets to make their personal lives shambolic — it's just not worth it. And the #1 source of job information they turn to? Your current and former employees.

If you have a band of stressed-out burnouts posting on Glassdoor, think about how that looks to a potential candidate. How you and your current staff are doing matters.

Here's the thing — and forgive the rose-colored glasses

Cybersecurity is important, pioneering work that makes a difference. You protect companies, our economy, our country, and individual human beings. Security professionals do daily battle with criminal organizations, adversarial nation-states, and everyday duplicity. And it's a job that didn't even exist when most entry-level applicants were born.

Forrester analyst Allie Mellen believes in humanizing security operations, “taking away all the boring minutia we hate to do, and just leaving the really cool, creative stuff for us.” Mellen said, “XDR is definitely pushing down that path.” We think that's an adventure anyone would line up for, as good as anything NASA has.

Start by downloading our eBook: “4 Ways XDR Levels Up Security Programs.”