Subscribe
About
  • Home
  • /
  • Security
  • /
  • MDR, training help overcome cyber security skills shortages

MDR, training help overcome cyber security skills shortages

Sergey Soldatov, head of the Security Operations Center at Kaspersky.
Sergey Soldatov, head of the Security Operations Center at Kaspersky.

Cyber security skills gaps are putting organisations at serious risk amid soaring cyber crime volumes. However, MDR services and skills development could help overcome this challenge. This is according to experts participating in a webinar hosted by Kaspersky and ITWeb this week.

Brandon Muller, Kaspersky tech expert and consultant at Kaspersky MEA, said: “In the past year, there has been a massive increase in advanced persistent threats, and activity by cyber criminals and cyber mercenaries in Africa.”He noted that on the Dark Web, access to META region corporate infrastructure could be obtained for a relatively low price of around $2 100. Trends emerging in the region included South Africa being among the countries hardest hit by advanced persistent threats, the growth of the ‘hack and leak’ attack model, and increasing attacks on governments and critical infrastructure.

In the face of the onslaught, cyber skills are in short supply. Muller said: “75% of companies in Africa have encountered challenges in recruiting and retaining qualified cyber professionals according to existing research. The new Kaspersky / ITWeb cyber security skills survey among South African business representatives revealed that dedicated cyber security functions are not yet common in South African businesses and are often considered as part of the IT function.”

74% of organisations taking part in the survey said they had specialist internal IT staff, but only 33% had an internal security operations centre (SOC). 24% rely on non-specialist internal staff, 28% use an outsourced IT support company and 21% use an outsourced managed service provider. Only 17% use an outsourced SOC and 15% use an outsourced consultant specialising in specific areas or platforms.

A poll of webinar participants echoes the survey findings, with 54% saying information security was managed as part of their organisation’s IT function, 40% saying it is managed by a dedicated role or department, and 5% saying it is not managed at all. 50% said their biggest cyber security challenge was budget limitations, while 33% said it was that end users were not educated. 11% cited the skills shortage and 5% said uncertainty of the scope of the problem was a major challenge.

Overcoming the skills gap

Muller said: “Skills shortages are a serious challenge, but only 44% of organisations are considering outsourcing to experts, preferring to develop their internal skills. Managed detection and response (MDR), threat intelligence and training can help them mitigate the risks despite the skills shortage.”

Sergey Soldatov, head of the Security Operations Center at Kaspersky, said: “Humans can always defeat machines sooner or later, so MDR services enable threat detection and cyber threat hunting to augment existing security practices and automated tools.” Organisations now need threat prevention and detection in both an automatic and manual way – at any attack stage, and to be able to remediate from the moment of detection, he said.

He outlined Kaspersky Managed Detection and Response as a comprehensive solution with automatic prevention and detection mechanisms, global threat intelligence and professional teams. Kaspersky MDR enables proactive threat hunting by one of the most successful and experienced teams in the industry. Kaspersky MDR leverages patented machine-learning models, unique ongoing threat intelligence and a proven track record of effective targeted attack research to strengthen resilience to cyberthreats while optimising existing resources.

Skills shortages are a serious challenge, but only 44% of organisations are considering outsourcing to experts.

Brandon Muller, Kaspersky.

“The only way to prevent modern threats is to have a combination of automatic prevention, semi-automatic detection and manual hunting,” he said.

Charl Ueckermann, group CEO at IT Governance and Architectural services consultancy AVeS Cyber Security, noted: “The general rule of thumb is to insource whatever gives you a competitive advantage, otherwise, outsource it. So unless you are in the cyber security business, it’s worth outsourcing cyber security.”

Charl Ueckermann, Group CEO at IT Governance and Architectural services consultancy AVeS Cyber Security.
Charl Ueckermann, Group CEO at IT Governance and Architectural services consultancy AVeS Cyber Security.

He highlighted the role of user training in addressing cyber risk. “Users are a human firewall, and training helps strengthen it. In addition to its MDR services, Kaspersky offers a lot of training, including specialised training for IT and cyber security teams, awareness training for executive management, and security awareness training for employees. These courses go a long way to covering the skills gap,” he said.

Ueckermann said that improving the organisational security posture required a strategic approach.

“It’s no use simply throwing a lot of money at products and services. You should always start with a proper assessment, then move to a practical plan on fit for purpose products and services to reduce your risk profile within your budget constraints. Step three is the remediation phase, where you make a careful selection of the right packages and solutions, then you bring in a rigorous training and awareness programme to ensure these technologies deliver a maximum ROI,” he said.

“Next, monitoring is necessary to make you faster to identify cyber risks and indicators of compromise. An incident is guaranteed to happen to every organisation, so if you are well prepared the consequences may be relatively small. You must also have an organisational culture of awareness, where everyone takes responsibility for risk.”

Share