The worsening worldwide shortage of skilled cybersecurity professionals is shaping up to be a key driver to cloud-delivered security services, explained Peter Firstbrook, a VP analyst with Gartner, at the company’s Security and Risk Management Summit on June 17.
Speaking about a lengthy list of network security “megatrends” that are “beyond your control,” Firstbrook said the cyber skills gap is “real and is getting worse.” He estimated that the number of unfilled cybersecurity roles is set to grow to 1.5 million by 2020, and concluded that the skills gap is not going to improve for at least the next decade.
In light of that continuing workforce shortfall – and the burgeoning growth in cloud service adoption – Firstbrook suggested that organizations turn to getting “your security tools delivered in the cloud.”
“You need to give up managing security products” for cloud-based infrastructure, he advised. Instead, “you have to manage security providers.”
Companies that want to develop their own security professionals need to be creative by cross-training employees that already have some security exposure but may work in the operations or business sides of their organizations, Firstbrook said. And if prospective hires arrive with skills gaps, “then you have to train people,” he said.
“The controls of security are shifting, that’s the number one message,” Firstbrook said.
In addition to the enduring skills gap, Firstbrook said other external megatrends in cloud security include:
- The growing need of organizations to respond to regulatory and data privacy concerns;
- The high right of growth in cloud application scale and complexity; and
- The tendency of attackers to become “more prolific and more determined . . . to make your life miserable.”
“Over the next decade, that is not going to change,” he said.