The latest data on the shortage of cybersecurity professionals makes for grim reading. The global cybersecurity workforce gap has reached an all-time high of four million people, a 12.6% increase compared to 2022 – and this includes just under 28,000 roles in Australia. That’s 28,000 cybersecurity professionals needed across Australia to protect businesses and their employees, assets, and infrastructure from increasingly aggressive threats. Microsoft estimates that demand for cybersecurity skills in Australia increased by 26% over the last year.
There’s more. LinkedIn data suggests that for Australia, the most sought-after security skills include those related to threat detection and response (Security Information and Event Management or SIEM), network security, and machine learning. These areas are vital to the defence of digital businesses with their dispersed workforces and cloud-based assets.
What this means is that organisations in Australia face a double challenge – there are not enough cybersecurity professionals to meet business needs, and those that do exist don’t always have the technical proficiency that companies are looking for.
As a result, implementing and managing cybersecurity and dealing with the fallout of security incidents is often left in the hands of over-stretched or under-skilled IT and security professionals. People trying to juggle security tasks that include a tsunami of daily security alerts that may or may not be malicious, the rapid escalation of email-borne threats targeting unwary employees, multiple security products from different vendors, and more.
What can organisations – and particularly small to mid-market businesses who may find it harder to compete for the best security talent – do to reduce the impact of the skills gap?
The right technology tools can lighten the load
Security solutions are not a substitute for skilled, professional staff – but advanced, intelligent, and integrated tools can take on some of the burden of security management. This leaves the security team able to do more with fewer people and compensate for some of the gaps in a way that is reliable, fast, and accurate.
Examples of such tools include SASE (Secure Access Service Edge), XDR (Extended Detection and Response), and AI-powered automation and incident response.
Secure Access Service Edge
SASE is a cloud-based network security model that combines in one, manageable service, a range of critical security functions and an advanced network for data traffic (SD-WAN or software-defined wide area network). SASE can help with the cybersecurity skills shortage in several ways:
- By simplifying the way network security policies are managed across different locations and devices, reducing the need for specialised staff and hardware.
- Enabling full visibility and control over network traffic and threats, allowing security teams to focus on more strategic and complex tasks.
- Supporting remote and mobile workers with consistent and secure access to the cloud applications and data they need to do their job, reducing the risk of data breaches and compliance violations.
- Leveraging artificial intelligence and machine learning to automate and optimize network performance and security, enhancing the efficiency and effectiveness of security operations.
SASE is not a silver bullet for the cybersecurity skills shortage. However, by adopting SASE, organisations can improve their network security posture and resilience while also reducing the operational complexity and costs associated with traditional network security solutions. Our SASE solution is SecureEdge, a cloud-first platform that offers comprehensive security, connectivity, and visibility for sites, devices, and users, with features such as Zero Trust application access, URL filtering, and traffic optimisation.
Extended Detection and Response (XDR)
XDR solutions can also help to address the impact of the cybersecurity skills shortage in several ways. XDR is a security solution that integrates multiple security products and services to provide a comprehensive view of the entire IT environment. It can help companies detect and respond to cyber threats more quickly and efficiently by automating threat detection and response processes. If you then add a Security Operations Centre (SOC), especially one offered as-a-service through a Managed Security Provider (MSP), the business also benefits from security experts who can monitor their IT environment 24/7 and respond to XDR-identified security incidents in real-time.
AI-powered automated email threat detection and incident response.
AI-powered automated email threat detection and incident response can help companies detect and respond to email-based cyber threats more quickly and accurately than traditional approaches – removing the need for time-consuming, resource-intensive, manual responses.
As cyber threats continue to increase in both frequency and complexity, the need for companies to have access to adequate levels of cybersecurity, with the required skills, has never been higher. This is a significant issue for the security industry overall, at both national and global level, but it is one that will take a while to address through better professional development, career routes and certifications – to name but a few options.
In the meantime, businesses can extend and support their existing security teams by harnessing support from partners such as MSPs and implementing advanced, intelligent security solutions that enhance their security posture and take some of the pressure off the people who keep them safe.