Brexit and the Cybersecurity skills gap: Could automation provide a solution?
The cyber threat landscape is constantly evolving and expanding, as a result, organizations require increasing numbers of trained IT security personnel to mitigate against this threat. Unfortunately, the cybersecurity skills gap is a well-documented and growing issue within the industry.
Brexit Impact on Cybersecurity
The impact of Brexit on the UK cybersecurity industry is likely to be considerable. While it is still not clear exactly when or how it will leave the EU, one thing is for sure, Brexit is going to significantly increase the cybersecurity skills gap within the UK. Why? While attacks will certainly not decrease as a result of Brexit, due to new immigration controls, organizations will likely find it harder to identify and recruit staff with the skills needed to defend against them.
As a result, organizations will need to leverage security technology more than ever before. And, they will need that technology to be easy to manage and capable of automatically defending against today’s sophisticated attacks.
The Skills Gap, Brexit and DDoS Mitigation
DDoS attacks have become an everyday occurrence for organizations around the world, due mainly to the proliferation of DDoS-for-hire services. As a result, demand has grown for a workforce with specific DDoS expertise. A growing labour shortage, which has the potential to be intensified by Brexit, means finding new candidates with the required skills is becoming increasingly difficult. This begs the question, what can be done to mitigate against these challenges?
The DDoS Attack Landscape
The DDoS attack landscape is dominated by low-level, sub-saturating, attacks that often escape the attention of IT Security staff. Corero’s research shows that 94% of attacks are under 5 Gbps and these are often specially crafted low-level, multi-vector, attacks that evade traditional DDoS protection. In addition, DDoS attacks are increasingly automated, allowing attackers to start with one attack vector and enable subsequent vectors, until they have the desired impact.
Orchestrating an effective defence against modern low-level attacks, which have a tendency to blend in with regular traffic, requires an always on solution that automatically and immediately detects and blocks them, in real-time. This automation could also be the solution to the challenges presented by the growing shortage of qualified cybersecurity staff.
Why Automated Security Solutions Are the Future
Organizations that are already suffering a shortage of qualified cybersecurity staff, or those that believe Brexit could impact their capacity to hire, should look to implement the latest automated security solutions, which includes DDoS mitigation technology that delivers the following benefits:
- Simple deployment, compared to traditional DDoS protection solutions;
- Automated protection against DDoS attacks of all sizes and durations
- Comprehensive visibility into attacks, for forensic analysis;
- Significantly reduced need for IT staff with DDoS expertise;
- Can be fully managed, before, during and after an attack, by a remote service that combines state-of-the-art monitoring and reporting, with highly experienced security engineers.
As uncertainty surrounding the impact of Brexit on the cybersecurity industry grows, organizations must increasingly turn towards the latest generation of automated tools to handle tasks traditionally managed by human security analysts. Automation, particularly for DDoS mitigation, can already deliver a more efficient and effective way of managing cyber threats.
Sean Newman is VP Product Management for Corero Network Security. Sean has worked in the security and networking industry for twenty years, with previous roles including network security Global Product Manager for Cisco, who he joined as part of their acquisition of cyber-security vendor Sourcefire, where he was Security Evangelist and Field Product Manager for EMEA. Prior to that he was Senior Product Manager for endpoint and network security vendor Sophos, after having spent more than 12 years as an Engineer, Engineering Manager and then Senior Product Manager for network infrastructure manufacturer 3Com.