Today, there simply aren’t enough cybersecurity professionals to go around. In July 2020, research from labor analytics firm Emsi found the demand for cybersecurity professionals in the United States is twice as great as the supply. According to the Aspen Institute, by 2021, there will be at least 500,000 cybersecurity positions left unfilled.
When you have enough talent, you can be confident about your agency’s capabilities. But most organizations don’t have enough. So, they need to augment their staff with the right tools and procedures.
“There’s a talent shortage of cyber professionals, especially in state and local agencies,” said Brandon Shopp, Vice President of Product Strategy at SolarWinds, an IT management software company.
To keep up their defenses, state and local agencies have turned to outsourcing their security needs to managed security service providers.
This outsourcing, alongside the explosive growth of cloud computing and digital services, means agencies are potentially spreading their cyber risk and taking on a more complex cyber environment.
For instance, let’s say an infrastructure problem occurs in an agency that outsourced its infrastructure maintenance. To figure out who can fix the problem — or whose responsibility it is — the IT administrator has to step by step determine if it’s a problem with the infrastructure, users, service provider, and so on.
“You need to have a clear process of rights and responsibilities from a cybersecurity and digital services perspective. As an issue comes up, you must have a well-defined path to quickly diagnose a problem,” Shopp said.
But there’s so much data the IT administrator has to sift through. To quickly diagnose the problem amid complexity, agencies need tools to mine through data, monitor changes and shorten the mean time to detection, especially when there aren’t enough cybersecurity personnel.
For example, security information and event management (SIEM) tools can help by centralizing multiple streams of security data and signaling anomalies in the environment. Flow-based technology provides greater infrastructure visibility by monitoring network traffic and diagnosing, detecting and resolving performance issues. These tools could be particularly helpful for “shadow IT,” which is software employees might download without official approval and knowledge of the IT department.
In tandem with monitoring tools, management tools are also key. There are sundry security compliance standards agencies need to put in place, but how can they make sure they’re always in place? Other than bad actors, what if a peer accidentally takes something out without knowing what it was for and why?
A configuration management tool can capture changes and make sure IT standards in the environment are up-to-date.
“Having a configuration management tool watching your infrastructure so it doesn’t drift away from the best practices and policies of state and federal government is key,” Shopp said.
In a cyber talent shortage, agencies can have the confidence they need by building up the appropriate tooling and procedures for their cybersecurity and digital services.
This article is an excerpt from GovLoop’s recent guide, “Resilience Lessons From State & Local Government.” Download the full guide here.