padlock on a keyboard denoting cyber securityAs cyberattacks grow at an exponential rate, threatening entire infrastructures and targeting businesses, large and small, the demand for cybersecurity expertise is skyrocketing, writes Ellen Sundra, Chief Customer Officer, Forescout.

Yet the gap in cybersecurity skills continues to persist. There are simply not enough skilled professionals in these roles to meet the demand, especially when it comes to finding individuals with the OT and Industrial Control System (ICS) skills needed to defend critical resources.

Recruiting and retaining talent is a major issue, with demand continuing to outpace supply within the rapidly evolving cybersecurity space as it pre-empts and responds to increasingly sophisticated cyber-attacks. Furthermore, the number and types of cyber assets has exploded in recent years, the vast majority being IoT and OT, which aren’t designed to be supported using traditional IT methods, such as patching. Today, even the smallest of hardware or software developments can pose multi-faceted risk and challenges, further exacerbating the need to have the right skillset in place.

An ongoing talent shortage in cybersecurity

As for cybersecurity’s skills shortage, insight from over the years and current research all reflect the same outlook – it’s here to stay for the foreseeable future, with some referring to it as a crisis. According to the Government’s latest Cyber Security Skills in the UK Labour Market Report, there was an annual shortfall of 14,100 cybersecurity employees last year – 4,100 more than the previous year.

In terms of how this figure translates into everyday business operations, the same report revealed that 51% of businesses have basic cyber security skills gaps. For example, being capable of setting up configured firewalls, storing or transferring personal data and detecting and removing malware.

Meanwhile, 33% have more advanced skill gaps in areas such as penetration testing, forensic analysis, and security architecture. OT expertise falls into this more advanced category due to the need for cybersecurity professionals to not just safeguard but navigate their way around the many complexities posed by legacy systems, or out-dated equipment and software that no longer receives security updates. Scanning the systems can cause risks to operations and applying patches requires taking these systems offline for maintenance, which is not only expensive, but disruptive to critical operations.

More responsibility being put on fewer people

For existing cybersecurity teams, the impact of this talent shortage means growing workloads that can potentially lead to burnout. And for cybersecurity leaders, there’s the constant headache of having to find new talent, recruit, onboard, and crucially, retain employees.

Furthermore, research conducted by cybersecurity and IT security certifications and training provider, (ISC)², found that eight in ten organisations have suffered at least one breach caused by a lack of cybersecurity skills or awareness. Their research also revealed that 64% of global organisations had already experienced breaches that resulted in loss of revenue, recovery costs and/or fines.

With the impact of the skills gap being felt far and wide, cybersecurity leaders and teams are re-evaluating their existing processes and swiftly adopting new measures to secure the expertise they need to continue to operate. These measures include:

Automating cybersecurity tasks at scale

Automated cybersecurity enables Security Operation Centre (SOC) teams to enforce device compliance, reduce the attack surface and rapidly respond to incidents. It arms teams, applications and networks with the ability to respond immediately when risks and threats are identified. As a result, tasks that usually take multiple people hours to perform per asset can be completed in bulk or real-time, or on an interval basis.

Looking for existing talent and promoting internally

Organisations are starting to promote in-house staff with an OT background to security officers and architects. The advantage of this is that these employees already know the OT sites and the organisation’s way-of-working and will often collaborate with the IT security teams to implement larger projects.

Embracing external expertise

Some companies are leaning more heavily on external contractors to advise and build their ICS/OT security frameworks or run incident response/security operations. Seeing as the nature of this work can be lengthy, it’s an approach that’s recognised as being an effective way of helping free up in-house resource. It also means companies have access to the specific ICS/OT skills they need.

Partnering with Managed Service Providers (MSPs)

Given the growing market of data analysis and incident response solutions, the challenge lies in shifting from technology to management processes for efficient incident response. In turn, some organisations are leaning into sharing their SOC capabilities with MSPs to help bridge the skills shortage gap.

Adopting platform-based solutions

Managing multiple point solutions with minimal staff is a key factor in relation to organisations struggling to incorporate enterprise-wide cybersecurity. Shifting from standalone to platform-based solutions or tools that easily integrate with others is increasingly being recognised as the solution.

Upskilling the existing workforce

Upskilling existing employees into OT/ICS professionals is widely recognised as being beneficial in relation to retaining talent within companies, and the industry, and gaining access to skills sooner. Some organisations, including Forescout, have implemented dedicated training programmes that are designed to fast-track staff into more experienced or specialist roles.

The knock-on effect of the skills shortage will still be felt many years from now. But, there are measures that cybersecurity leaders can take to gain access to the skills they need whilst delivering on their responsibilities.

Although technological advancements can make organisations vulnerable they can also be leveraged to provide industry-first solutions, including addressing the present OT and ICS skills gap, as well as delivering wider benefits.