TMCnet News
SANS Survey Explores Path to Closing the Critical Skills Gap for a Modern and Effective Security Operations Center (SOC)BETHESDA, Md., July 21, 2020 /PRNewswire/ -- CISOs who can reduce or close their critical skills gaps have the highest probability of minimizing the business impact of cyberattacks – even when budgets and staffing are constrained. This is according to the results of a new SANS Institute survey, "Closing the Critical Skills Gap for Modern and Effective Security Operations Centers (SOCs)," to be released in a two-part webcast on July 29 and July 30. The survey happened to kick off within days of the World Health Organization (WHO) declaring COVID-19 a pandemic. As such, the results reflect a high degree of uncertainty around future hiring plans as well as an increase in plans to use outsourced services until staffing plans stabilize. Even with the future uncertainty brought on by the pandemic, the survey covered staff changes in 2019, qualitative responses on what skills security managers see a need for, which needs they plan on staffing internally, and where they plan on using external service providers. Other than at very small businesses and in the government vertical, the survey found that turnover and attrition rates for cybersecurity staff is at or below industry averages. Even so, security managers indicated they tend to fall back on attrition as the reason for requesting staff increases, which reflects a lack of meaningful cybersecurity metrics being employed at many organizations. Security operational skills were cited as most needed by survey respondents, and cloud security skills were more sought after than network or endpoint security skills. While the most successful source for new cybersecurity employees was the company's existing internal IT staff, hiring managers indicated they would most like to see new hires with hands-on experience using common cybersecurity products – open-source tools, in particular. "This skills gap survey once again pointed out that despite all the headlines about a cybersecurity headcount shortage, it is really a skills gap – security people with hands-on experience with the top security tools and how to use them across hybrid cloud/on-premises systems are being hired for the skills, not just to add bodies," says John Pescatore, survey author and SANS Director of Emerging Security Trends. "By investing in training and tools skills as well as the maintenance of those skills, the increased productivity and reduced security staff attrition provides a huge return on investment." Webcast Details Full results of the survey will be shared during a webcast on Wednesday, July 29, 2020 at 1:00 p.m. EDT (17:00 UTC), sponsored by Awak Security, Anomali, Cisco, ExtraHop, LogRhythm, ReversingLabs, Swimlane, and ThreatConnect, and hosted by SANS Institute. Register to attend this webcast at https://www.sans.org/webcasts/113485 Get additional perspective on the survey results in a second webcast on Thursday, July 30, 2020 at 1:00 p.m. EDT (17:00 UTC), in which representatives from ExtraHop, ReversingLabs, and ThreatConnect will join a panel discussion to dive deeper into the results with survey author John Pescatore. Register to attend this webcast at https://www.sans.org/webcasts/113490 Those who register for either webcast will be among the first to receive the associated whitepaper written by John Pescatore, SANS Director of Emerging Security Trends. About SANS Institute
SOURCE SANS Institute 
|
View original content: