intelligent

Although there are many roles within cybersecurity , the main area of shortage is information security analysts ; those responsible for providing security solutions for their companies . Typical duties include undertaking security focused research , collecting threat intelligence , developing secure strategies and maximising productivity . Infosec analysts are generally charged with implementing security principles while following strict privacy policies , with more adept practitioners often using advanced skills to proactively uncover security threats and network vulnerabilities . Even with an average annual salary of around £ 32,000 , recruiting a competent analyst is still a challenge .

Supply is stretched further by businesses becoming 24 / 7 in nature . The typical 9 to 5 role tends not to apply to cybersecurity staff who must be available to react at relatively short notice if there is an alert to indicate a breach . Managing cybersecurity is not a core function for most organisations and this additional burden can potentially ramp up costs further as businesses need to either hire enough staff to cover a full day or alternatively find an out-of-hours service to cover the gap .

Ostrich approach

Unfortunately , many organisations are simply ignoring the risk . The UK government ’ s recent Cybersecurity Breaches Survey of 2021 found that during the pandemic , cybersecurity preparedness actually declined – even as the number of attacks increased . The report found that preventative measures such as testing staff through mock phishing exercises , carrying out cybersecurity vulnerability audits and reviewing cybersecurity risks posed by suppliers had dropped by between 20 % to 30 % compared to the previous year . While four in ten businesses ( 39 %) report having cybersecurity breaches or attacks in the last 12 months with medium-sized businesses ( 65 %) the most vulnerable .

In response to these challenges , a growing number of organisations are instead switching to various forms of managed security services to deliver a defined level of protection within a fixed cost . This is a sector that is growing rapidly and according to estimates from the UK Department of Digital , Culture , Media and Sport , there are 1,483 firms active within the

UK providing cybersecurity products and services – an increase of 21 % since last year ’ s ( 2020 ) report and a 75 % increase since 2017 . Most firms offering cybersecurity skills are SMEs , with around 80 % of these firms having less than 50 staff . Unlike large scale utilities , delivering cybersecurity expertise tends to require a closer relationship to the endcustomer and as such – this tailored approach better suits smaller businesses rather than larger entities .

Just about managing

The fastest growing segment is managed security services providers ( MSSPs ) that tend to offer a broad range of cybersecurity services such as endpoint protection , managed firewalls , vulnerability and patch management . To deliver these services , most will run some kind of Security Operations Centre ( SOC ) which according to the UK ’ s National Cybersecurity Centre is a facility where enterprise information systems such as websites , servers and networks are monitored , assessed and defended . Depending on the nature of the SOC , organisations may offer a variety of services including monitoring , detection , threat hunting , incident management , log analysis , forensic imaging , malware analysis , reverse engineering , mitigation advice and general good practice guidance .

Larger enterprises tend to build and staff their own SOC , but this is often cost prohibitive to smaller businesses , which are instead using managed SOCs that look after several customers using a single centralised team of experts . A managed SOC will perform several key tasks , the first is to detect and prevent attacks while keeping the information held on systems and networks secure . This , in turn , will increase resiliency by learning about the changing threat landscape , including malicious and non-malicious , internal and external threats . Lastly , the SOC will be able to react to an attack that results in a breach with a response plan to contain any potential damage .

There are many advantages to taking a managed SOC rather than building your own . Firstly , it allows access to better cybersecurity technology and processes for a fixed fee because the running costs are effectively shared among all the customers that benefit from the SOC . This will also include a Service

Malcolm Orekoya , CISM , CISSP , Chief Technology Officer , NetUtils

RECRUITMENT AND RETENTION OF GOOD CYBERSECURITY STAFF IS DIFFICULT – ESPECIALLY FOR SMBS WITH SLIMMER BUDGETS AND LESS STAFFING CAPACITY .