This is a generic list, much the same as all the other listicles you’ll see. The way they describe the lack of skilled staff issue jumped out at me because there’s a direct correlation between effective threat hunting and monitoring and the skills and fatigue levels of people doing the work…:
4. Lack of instrumentation and monitoring of critical systems
The lack of instrumentation and monitoring of critical systems can be due to several factors, like alert fatigue and overload, shortage of trained security engineers and poor automation. However, the root cause is generally a gap in cybersecurity skills.
According to the study of cybersecurity professionals by the Information Systems Security Association (ISSA) and independent industry analyst firm Enterprise Strategy Group (ESG), 70% believe their organization has been impacted by the global cybersecurity skills shortage. Further, 45% of respondents believe the cybersecurity skill shortage and its impact have gotten worse over the past few years. This gap can cause rising security incidents – leading to lost productivity, breach of sensitive information and increased resources for remediation.
In order to close the gap and take a step in the right direction in 2021, business leaders, CISOs, cybersecurity professionals, HR and educators must invest more in education, awareness, training and scholarships – leading the way for new generations to tackle the cyberthreats of tomorrow.