The intense demand for trained information security and privacy practitioners is reflective of the convergence of technology, productivity, and profitability.
CIOs and CISOs that balk at enabling more mobile, cloud, and Internet of Things (IoT) tools not only find themselves in a cultural conflict, but also at odds with the business or mission of their organization.
For instance, Boston Consulting Group indicated that the remote cardiac monitoring market in the US alone would eclipse $1 billion in 2016, a specific example of the convergence between technology, productivity, and profitability.
The ability for a doctor to remotely adjust a pacemaker without a patient visit or in an emergency situation has a profoundly positive impact on patient care. Information security and privacy professionals simply must find a way to enable this kind of technology while encompassing the risk as best they can.
At the same time, there is a systemic personnel problem. There are simply far too few trained information security and privacy practitioners available to organizations. The baby boomer generation is taking decades of experience with it into retirement; and the prospects for replacing them are bleak.
The 2015 (ISC)2 Global Information Security Workforce Study estimates two global labor gaps:
- The gap between the existing workforce and what the respondents’ companies are funded to hire (600,000 workers).
- The gap between the existing workforce and what those companies believe they need (1 million more workers).
As more devices become IP-enabled for the first time and need to be incorporated into an organization’s information security and privacy posture, the tax upon practitioners will become even more pronounced. Also, for the first time in the (ISC)2 study, practitioners have become acutely aware that the premise that they’ve used for the last 20 years - buy unique tools for each specific IS and privacy problem - has created an unwieldy “sprawl in security technologies.”
All of these conditions - demand, expanding IP footprint, convenience, cost reduction, and insufficient trained practitioners - create an untenable competition between business or mission enablement and security. Evidence of this competition can be seen in the dramatic increase in time from breach detection to remediation. The (ISC)2 study results show a troubling trend indicative of a workforce stretched by demand and sprawl, as indicated in chart above.
It is for these reasons that dramatic improvements in both efficiency and efficacy should be the goal of any decision IS teams are considering.\
Any decision regarding methodology, vendor, product, or service that doesn’t demonstrably increase efficiency and efficacy is a bad decision.
Organizations that invest in streamlining their infrastructure to become more streamlined, automated, interoperable, resilient, sprawl-reducing, and focused will stay ahead of the math and enjoy the most important results
No organization will wind up impervious to breaches, but efficient organizations will lower their overall spend by:
- Consolidating the number of vendors, tools, and services they use
- Reducing their labor-hour costs by ensuring automated means of execution
- Reducing the number of events that operators and analysts need to respond to manually
- Shrinking the hours operators and analysts spend by reducing events requiring follow-up to fewer, more noteworthy events
The time between breach and detection and the time between detection and remediation will drop measurably, ensuring that breaches don’t have a material effect on the business or mission of an organization.
At last October’s FOCUS’15 conference, Intel Security leaders previewed a new standard in which the Threat Defense Lifecycle will provide you with the right tools needed in the face of this impending threat landscape.
This portfolio will continue to focus on industry leading solutions to protect against known threats and breaches, but also shift greater attention to provide and integrate tools to detect threats faster, and enable automated workflows to more quickly correct them - an integration between a dynamic endpoint solution, intelligent analytics, cloud-delivered security, and centralized management.