Rethinking Cybersecurity: The $80K Job With Few Applicants

Cybersecurity demand and potential are on a massive trajectory, yet successful careers therein remain few, thin, stunted.

The industry as a whole is growing fast, the money is there and so are job openings. As Forbes reports, in 2016 there were 1 million job openings in cybersecurity across the United States, with projections rising as high as 6 million openings in 2019.

IDC and Gartner both calculate cybersecurity budgets to continue to swell: IDC predicts cybersecurity software, services and hardware spending flooding over $101 billion by 2020 and Gartner says global InfoSec spending is around $90 billion this year alone.

But, as University of San Diego Cybersecurity Professor Ashton Mozano says, the—$80,000 per year on average—security operations (SecOps) starting salary is perhaps the highest paying entry-level job out of college, that hardly anyone has ever had. Why is that?

The SecOps Deficit

Cyberseek tallies around 40,000 information security analyst jobs going unfilled each year and executive leadership teams struggling to fill upwards of 200,000 cyber-security-related positions annually.

Moreover:

• 40 percent of enterprises receive less than five applications for cybersecurity positions
• Close to 1 in 3 organizations take at least six months, or longer, to fill priority cybersecurity positions.

Why the vacancies? According to recent tech surveys:

• 37 percent of organizations report less than 1/4 candidates are qualified
• 46 percent of companies polled see a skills gap with emerging software platforms

And this last point is what many experts point to, for the cybersecurity labor force remaining thin.

“A lot of the blame has been placed on academia for failing to train large numbers of students with targeted skills. … Certain academic fields in mathematics and engineering are infamous for presenting material in drab, monotonic, esoteric, non-interactive manners,” according to a San Diego Union Tribune article.

It goes on to illustrate how other innovative tech positions are sexy on paper but orchestrating systems that identify and mitigate an ever-evolving plethora of attacks is more of the awkward turtle on the IoT superhighway.

Cyber hacks are imminent, insidiously frequent and severe; ever-more simple, and readily accessible to the curious. By contrast, “Cybersecurity can be a high-stress job where you can get fired if things go wrong, and no one pats you on the back if there were no problems overnight,” explains Northeastern University’s Silicon Valley regional dean P.K. Agarwal.

While some blame our education (or the lack thereof) system for hiring gaps in InfoSec, others point at the looming advent of automation for replacing human talent.

The Enemy of my enemy is my friend

(Hint: Automation)

As mentioned in a previous article “We live in a tech terrain where the rumblings of AI and automation advances shake up the cornerstones of our foundation, inciting unease in the working class across industries. People are afraid of being replaced.”

Read more on : Knowledge:Wisdom::Automation:Human Talent

The reality for SecOps however, is that, unlike its cousin IT operations, job losses due to automation are less of a clear and present danger. Automation, for incident resolution (IR) to security threats is not the enemy; quickly moving hackers and security breaches are the enemy.

Formidable and flexible, rapid-response automatable actions are the ally. Automation for IR aids in an environment where scarce, skilled talent is not only hard to come by but escalating from entry-level security analysts to higher L3 and subject-matter experts (SME) is expensive.

Dark Reading contributing writer Ericka Chickowski sums it up. “As organizations drown in alerts and try to figure out a way to prioritize incidents for investigation, automation will play a huge role in stopping the insanity. But that won’t ever replace the importance of smart people to direct the automation, and follow up with human intuition and foresight to move investigations forward and mitigate the root problems.”

Enter Resolve Systems

As Information Systems Audit and Control Association’s Cybersecurity Nexus detailed in its State of Cybersecurity 2017 report, less than half of corporations polled were confident their teams were well able to handle anything slightly beyond simple cyber incidents.

It seems a waste to pay an engineer six figures to do a job the L1 was hired for, and pay an L1 analyst just to escalate up the ladder all day.

Resolve Systems is the pioneer incident response and automation platform equipping SOC and NOC, IT Ops, DevOps and Service Desk teams to handle varying intensities and complexities of incidents right at the frontlines and across silos. The Resolve Platform enables engineers to capture SME in no-code, pre-built automations to empower L1 agents to easily run end-to-end or human-guided automations. Regardless of their experience, Resolve fills in the gap.

In short, “we’re continuing to let humans do human things while allowing machines to do machine things,” as Mark Henninger, Director of Network Operations with Windstreams said.

The optimization Henninger mentions above—human-guided automation—is the “easy button” enterprises need to empower L1’s for effectual IR while also freeing Sec Ops experts up to do the job they’re hired for: building more sophisticated automations.

“… that won’t ever replace the importance of smart people to direct the automation, and follow up with human intuition and foresight to move investigations forward and mitigate the root problems.”

— Ericka Chickowski, Contributing Writer, Dark Reading

To get a live look at how Resolve integrates with existing applications and connectors, come see us live at Black Hat USA 2017, July 26 & 27 at Mandalay Bay.

For more information, read: Security Incident Response to learn more on how Resolve Systems spearheads IR using human-guided automations.