Intelligent SME.tech Issue 28 | Page 21

intelligent

// EDITOR ’ S QUESTION ?

BRIAN MARTIN , HEAD OF PRODUCT , STRATEGY AND INNOVATION AT INTEGRITY360

T here ’ s been a cybersecurity skills shortage for years . It ’ s an issue the industry continues to struggle with and it ’ s not going away any time soon . According to the ( ISC )² Cybersecurity Workforce Study , there is a global cybersecurity workforce gap of 3.4 million people .

For SMEs , the problem is further exacerbated because their cybersecurity budget is often lower and more constrained than their larger counterparts . It can seem daunting as an SME to start tackling cybersecurity , but the costs of a data breach far exceed the investment needed to protect your organisation . For many SMEs , in fact , a serious data breach or ransomware attack can be an existential event . While the costs and time involved in seeking , hiring and training the required cybersecurity professionals to secure their systems is a necessity , there are no guarantees that if they do , then they will stay .
Not only this , but cybersecurity professionals must be adaptable and have a wide range of skills to keep up . Threats are constantly evolving , and every new piece of technology released has a digital component that also needs a security consideration .
Organisations need to be more diverse and shun the unconscious bias in terms of what represents a cybersecurity resource , which historically may have excluded an ideal profile based on age , gender or background . Competition for cybertalent is fierce with cybersecurity professionals capable of commanding very high salaries and essentially having their pick of roles .
One option is for SMEs to utilise an MSSP or MDR provider . This can help avoid these challenges and really benefit SMEs struggling to fill their cybersecurity needs and the worry that comes with acquiring an in-house specialist to cover everything .
It ’ s cost-effective and more flexible too , allowing a business to scale at pace , confident in the knowledge they are protected from cyberthreats . Businesses can make further savings by not having to purchase expensive software or tools due to an MSSP or MDR provider having access to the latest technology already . Service providers can afford to invest in the leading platforms and technology due to economies of scale in delivering services to many customers .
Where skills are in short supply , automation technology can also provide some help in alleviating the issue . In particular , where processes are defined and already exist within the security information centre , it can be useful to look at repetitive tasks ; those that have defined inputs and outputs . These tasks are ones that staff are spending inordinate amounts of time on repetitively .
Knowing which tools to use ensures the right level of automation , leaving other key staff free to undertake the tasks that will give them higher job satisfaction and make it more likely for them to remain in that role and limit the risk of cyber burnout .
MSSPs can cover all security bases by managing firewalls and other security infrastructure , monitoring networks , optimising intrusion detection and prevention solutions , tracking and prioritising vulnerabilities , detecting and responding to threats , and if the worst should happen , carrying out incident response when needed .

FOR MANY SMES , IN FACT , A SERIOUS DATA BREACH OR RANSOMWARE ATTACK CAN BE AN EXISTENTIAL EVENT .
Intelligent SME . tech
. tech
21