The skills gap in cybersecurity is significant. In fact, there is such a serious problem that many believe the only solution is to look at cognitive solutions and AI. I am not so sure yet. The numbers are staggering, Forbes estimates that there is a current shortage of 209,000 unfilled cybersecurity positions, Cisco systems report estimates it at around 1,000,000. And the numbers are only expected to grow from here.
There also appears to be a very small investment in hiring new cybersecurity professionals and there is also many seasoned cybersecurity professionals that will be retiring soon. This makes for a very serious problem. Or just open the newspaper and see the latest spectacular cybersecurity breach.
What’s The Answer?
As I was saying there is a lot that can be done but there is little that is being done. One answer being promoted heavily by some large firms such as IBM is a cognitive security solution. It is essentially a process and analyzes information much faster than humans. Offering this idea as a solution is I believe a start, and certainly better than what a lot of companies are doing which is nothing.
Sure, something is better than nothing but is this really the solution? Could be but maybe there is more to this than just a decision-making engine taking over for us.
One of the things that is overlooked in cybersecurity is the process part of the equation. I have talked extensively about this since it is one of the most effective ways to implement a comprehensive cybersecurity posture that will keep your company safe. I talked about process here. This process is what is going to protect you when all of your systems fail or are compromised.
I am not against AI and other cognitive solutions. I actually think they are an important component and will become more important as we move forward. However, the simple common-sense processes are your starting point. Remember the plan comes before the action.