classic | mobile
Follow us on:
Follow us on Facebook  Share via Twitter  Share via LinkedIn

Hi-Tech Security Solutions Business Directory
Residential Estate Security Handbook 2017

Security skills shortage?
May 2017, Cyber Security, Training & Education

It’s no secret that we’re currently faced with a global information security skills crisis. Given that the predicted increase in demand for information security professionals is exceeding the current rate of supply, we should be expecting a shortage as large as 1.5 million within five years, according to the Global Information Security Workforce Study.

Skilled security personnel are already feeling the effects of the crunch, evidenced in longer reaction times and the fact that only 20% of respondents felt confident that a system or data compromise response could be carried out within a single day, numbers that have dropped from 33% in 2013.

Simeon Tassev, MD and QSA, Galix Networking.
Simeon Tassev, MD and QSA, Galix Networking.

A recent Tripwire study discovered that roughly two-thirds of respondent organisations faced increased security risks due to the skills shortage, of these respondents, 69% have attempted to use technology solutions to fill the gap. It’s important to remember that technology can only fulfil its potential when interfaced with humanity, so businesses need to look at smarter ways to beef up on protection by applying intelligent security solutions that are outsourced to and overseen by security professionals.

No shortage of cyber threats

The skills shortage is both a problem and a challenge for South African businesses, however it’s not a challenge that is uniquely local. The main reason for such a global shortage is due to the length of time it takes to qualify as a security professional. With the various international certifications, even the most generic (like the Certified Information Systems Security Professional (CISSP) certification) has a minimum requirement of four to five years of working experience, and this is applicable to other certifications like compliance as well.

While it might take a long time for an individual to qualify, technology doesn’t wait. As we’ve seen, every year new technologies and new threats appear, and security professionals can’t qualify quickly enough to keep up with evolving cyber threats. Furthermore, there’s no quick-fix for this situation as it is not possible to fast-track the process, as the knowledge and experience is critical – the certification requires five years of experience because it takes time for individuals to be exposed to the various aspects of security and technology to gain the necessary skills.

This is a dangerous situation for South African businesses as the International Data Corporation has pointed out that some 52% of data that should be protected, isn’t. Furthermore, the IDC predicts that by 2018, roughly two-thirds of corporate networks will have experienced an Internet of Things security breach, while the Network Barometer Report points out that in 2015, at least 60% of all network devices had at least one security vulnerability, of which 76% were identified being more than two years old. All of these stats and figures point to the fact that organisations simply aren’t doing enough to ensure network security.

Bridge the gap, intelligently

It’s clear that security should be the single largest end-user computing concern for digital businesses. Nevertheless, what can organisations do when there simply aren’t enough professionals with the right skills for hire? Are automated security solutions effective enough to fill the gap?

The reality is that while there are various tools and automated security solutions that will assist, all of those tools will be exactly that – a tool for somebody to use. Individuals in charge of monitoring and using security solutions will require the skills and knowledge to interpret the output delivered by such tools in order to be truly effective. The most common way of working around a skills shortage is outsourcing.

This approach is successful when the right combination of tools is in place in order to minimise the amount of time required for a specialist to be physically involved in the security system. From an outsourcing perspective, instead of spending time sifting through logs, with the right tools, the specialist can turn to a summary report of all actions, or drill down and report on whatever is deemed necessary. This helps the specialist to maximise time, making it possible to provide the same functionality to many companies, not just one.

Technology is an ever-evolving entity – the pace of growing threats is simply too rapid to keep up with, causing the skills gap to widen even further. Given that it’s a problem that has no quick fix, it would be prudent for businesses to look to solutions that incorporate artificial intelligence – not in the Hollywood sense of the word, but rather more of an automated system with built-in intelligence.

By utilising such automated systems with intelligence, it is possible to minimise the amount of input needed from a security specialist to such an extent that he would only need to intervene in the case of an exception or crisis. With the right tools in place, and the right information security specialist, it becomes possible to automate 90% to 95% and reduce the required input of that specialist to only 5% to 10%, which should serve sufficiently to bridge the skills gap, allowing businesses to shield their digital assets effectively.

For more information contact Galix, 086 124 2529,

Supplied By: Galix Networking
Tel: +27 11 472 7157
Fax: +27 11 472 8841
  Share via Twitter   Share via LinkedIn      

Further reading:

  • Cyber-securing physical security
    March 2018, AVeS Cyber Security, This Week's Editor's Pick, Cyber Security
    You can’t kick a rock these days without hearing about cybersecurity and the Internet of Things (IoT). At the same time, you should not be talking, reading or hearing about one of these without the other.
  • Keep your guard up
    March 2018, This Week's Editor's Pick, Security Services & Risk Management, Training & Education
    The crux of a successful human guarding element is careful selection of the ‘right’ personnel and competence through appropriate and adequate training.
  • Power simulator launched
    March 2018, Security Services & Risk Management, Products, Training & Education
    Cummins launches simulator to demonstrate complete power systems at the Cummins Training Centre in Kelvin, Johannesburg.
  • Are you ready?
    March 2018, South African Institute of Security (SAIS), This Week's Editor's Pick, News, Conferences & Events, Training & Education
    The South African Institute of Security (SAIS) held its first briefing of the year at the Garden Court Hotel in Kempton Park. The theme of the event was ‘2018… are you ready?’
  • Secured access control
    March 2018, Suprema, Cyber Security, Access Control & Identity Management
    With the advances over the years in physical security products, these too have become open to cyber threats resulting in monetary and safety risks.
  • Can you secure security?
    March 2018, Graphic Image Technologies, Cyber Security, CCTV, Surveillance & Remote Monitoring, IT infrastructure
    Is it possible to protect physical security systems from cyber intruders? Laurence Smith looks at the task of securing physical security.
  • Cyber risks are business risks
    March 2018, Cyber Security
    It is only when IT security-related risks are considered as business risks that the relevance of addressing them with proactive, strategic and appropriate solutions really becomes apparent.
  • The reality of integrating physical and cyber
    March 2018, This Week's Editor's Pick, Cyber Security, Security Services & Risk Management
    Meshing technology with physical security can vastly improve the overall security landscape for any organisation.
  • Everything is connected
    March 2018, J2 Software, Cyber Security, Security Services & Risk Management
    Whether you know it or understand it, everything is connected. John Mc Loughlin looks at cybersecurity in the physical security world.
  • What lies ahead in 2018?
    February 2018, Axis Communications SA, Cathexis Technologies, Forbatt SA, Milestone Systems, neaMetrics, Suprema, ZKTeco, G4S South Africa, This Week's Editor's Pick, CCTV, Surveillance & Remote Monitoring, Access Control & Identity Management, Cyber Security, Integrated Solutions
    To find out what the physical security industry is expecting in 2018, Hi-Tech Security Solutions asked a few of the leading players what they expect in 2018 in South and southern Africa.
  • Cybersecurity trends 2018
    February 2018, Technews Publishing, This Week's Editor's Pick, Cyber Security
    Cybersecurity will remain a key issue for everyone in every industry this year. Here’s what some experts on the topic have to say.
  • Campus security must not fall
    February 2018, CAMPROSA (Campus Protection Society of Southern Af, This Week's Editor's Pick, Integrated Solutions, Conferences & Events, Associations, Training & Education
    The Campus Protection Society of Southern Africa (Camprosa) held its annual conference in the second half of 2017 at the Kwa Maritane Bush Lodge in the Pilanesburg Game Reserve.

Technews Publishing (Pty) Ltd
1st Floor, Stabilitas House
265 Kent Ave, Randburg, 2194
South Africa
Publications by Technews
Dataweek Electronics & Communications Technology
Electronic Buyers Guide (EBG)

Hi-Tech Security Solutions
Hi-Tech Security Business Directory (HSBD)

Motion Control in Southern Africa
Motion Control Buyers’ Guide (MCBG)

South African Instrumentation & Control
South African Instrumentation & Control Buyers’ Guide (IBG)
Terms & conditions of use, including privacy policy
PAIA Manual
    Mobile | Classic

Copyright © Technews Publishing (Pty) Ltd. All rights reserved.