Many companies are turning to cybersecurity technology platforms as a means of offsetting the ongoing cybersecurity skills shortage.
According to McAfee, 209,000 American cybersecurity jobs went unfilled in 2015 alone, and the average company predicts that roughly 15% of its in-house cybersecurity positions will remain open through 2020.
Experts believe the shortage will continue well into the next decade, so it’s no surprise that many companies aren’t limiting their search for solutions to job boards. McAfee reports that 55% of companies believe “cybersecurity technology” will be able to meet “the majority of their organization’s needs” within five years, and a further 20% believe such technology will be able to meet all of their organization’s needs within five years. All told, nearly 90% of companies believe that technology will be a useful tool in offsetting the cybersecurity skills gap.
It’s little surprise, then, that everyone from Cisco and FireEye to Symantec and McAfee itself is scrambling to bring a “cybersecurity technology platform” to market. Companies desperate to shore up their IT infrastructures may be willing to take a chance on any tool that promises to help.
However, in an already overcrowded marketplace, it can be difficult to discern which tools are legitimately powerful and which ones are just slapdash products designed to capitalize on the growing demand for cybersecurity platforms. As such, we’ve assembled a list of several things every company should look for when shopping for its cybersecurity technology platform.
Comprehensive Coverage
If there’s one characteristic that defines an enterprise security platform, it’s the ability to integrate multiple point products into a single security system, giving it complete end-to-end coverage.
A cybersecurity strategy is effectively useless if it doesn’t cover all of a company’s endpoints (including computers, mobile devices, IoT devices, etc.) and networks, all of its physical and virtual servers, and all of its cloud-based operations. If a system doesn’t protect each of these components, it’s likely little more than a legacy tool dressed up in the trappings of a cutting-edge cybersecurity platform.
Prevent, Detect, Respond
A good cybersecurity technology platform doesn’t only protect every aspect of a company’s IT infrastructure, it does so at every phase of the cybersecurity endeavor. First, the platform should feature top-notch threat prevention mechanisms: robust firewalling, network microsegmentation, role-based access controls, etc.
Second, if a cyberattack does occur, a cybersecurity platform should be equipped to detect it immediately. To do so, it must include some sort of network data collection and data analytics capabilities.
Finally a cybersecurity platform should be able to respond to and mitigate intrusions. It might do that by automatically finding and blocking retrospectively installed files, quarantining compromised systems, and/or restoring systems to their last-known good states.
Centralized Infrastructure Management
A cybersecurity platform must be easy to manage if it’s going to be effective, especially with limited in-house security talent. IT professionals should be able to manage their entire infrastructure — including both policy and configuration management — from one centralized system. The advantage of an integrated platform over a set of point tools is that administrators don’t have to open one interface to set user permissions and another to tweak their firewall.
Adept Users
Of course, even a cybersecurity technology platform boasting all of these features cannot guarantee that a company’s IT infrastructure will remain safe and secure at all times. As CSO contributor Oliver Rochford points out, “Cybersecurity technology can act as a force multiplier...but this still requires a force to multiply. Technology can make challenging tasks easier to accomplish, [but] it doesn’t accomplish them for you.”
Even with a cybersecurity technology platform in place, maintaining the security of a corporate IT infrastructure takes extensive experience, a broad knowledge base, and a great deal of manpower. As such, in an effort to further offset the ongoing skills shortage, many companies — more than 60%, according to McAfee — choose to outsource some or all of their cybersecurity operations to a managed IT services provider like Turn-key Technologies (TTI).
By partnering with TTI, a company can achieve the functionality of a well-staffed IT department for a fraction of the cost, ensuring that all of their cybersecurity technologies are primed to deliver on their full potential.