The cybersecurity company McAfee has released Winning the Game, a report on challenges facing IT security people in terms of threats, technology investment and skills required to win against cyberthreats. The survey found that concerted efforts to increase job satisfaction, automation in the Security Operations Centre (SOC) and gamification in the workplace are key to beating cybercriminals at their own game.
The landscape for cyberthreats is growing, both in complexity and volume, according to the IT security product firm. According to the report, 46 percent of respondents believe that in the next year they will either struggle to deal with the increase of cyberthreats or that it will be impossible to defend against them. Further complicating the dynamics of the competition between security responder and cybercriminal is the cybersecurity skills crisis. Survey respondents believe they need to increase their IT staff by nearly a quarter (24 percent) in order to manage the threats their organisations are currently facing, while 84 percent admit it is difficult to attract talent and 31 percent say they do not actively do anything to attract new talent.
Grant Bourzikas, chief information security officer at McAfee, said: “With cybersecurity breaches being the norm for organisations, we have to create a workplace that empowers cybersecurity responders to do their best work. Consider that nearly a quarter of respondents say that to do their job well, they need to increase their teams by a quarter, keeping our workforce engaged, educated and satisfied at work is critical to ensuring organisations do not increase complexity in the already high-stakes game against cybercrime.”
The growing threat landscape and recruitment and retention challenges facing the cybersecurity workforce demand automation as a key ingredient in the game against cyberattackers. By pairing human intelligence with automated tasks and putting human-machine teaming in practice, automated programs handle basic security protocols while practitioners have their time freed up to proactively address unknown threats.
Gamification, or applying elements of game-playing to non-game activities, is growing in importance as a tool to help drive a higher performing cybersecurity organisation. Within organisations that hold gamification exercises, hackathons, capture-the-flag, red team-blue team or bug bounty programs are the most common, and almost all (96 percent) of those that use gamification in the workplace report seeing benefits. In fact, respondents who report they are extremely satisfied with their jobs are most likely to work for an organisation that runs games or competitions multiple times a year.
The report suggests that gamers, those engaged and immersed in online competitions, may be the logical next step to plugging the gap. Nearly all (92 percent) of respondents believe that gaming affords players experience and skills critical to cybersecurity threat hunting: logic, perseverance, an understanding of how to approach adversaries and a fresh outlook compared to traditional cybersecurity hires.
Nigel Hawthorn, of McAfee’s cloud security business unit, said: “Businesses are creating and collecting more data than ever before. With GDPR set to come into force in less than two months’ time all businesses will need to be more mindful of who has access to their data – particularly when you take into account the high level of staff churn in many cybersecurity organisations. Our research reveals more than half (52pc) of security professionals say the workforce around them is changing regularly, or constantly, every year.
“Through automating elements of the handling of data, businesses can reduce some of the risk that humans represent and stay on the right side of GDPR. Being GDPR compliant requires a combination of knowledge, processes, policies, technology and training, as well as detailed understanding of data flows to and from third parties and cloud services. Most organisations (92pc) say they are already using some form of automation in their cybersecurity processes. Sixty-three per cent of those use it for monitoring networks and cloud services – this enables them to protect these massive amounts of data by detecting any suspicious movement as it happens, for them to then take the necessary steps to correct it.”
