The current state of cybersecurity is tumultuous, with a rise in ransomware as a service, increased compromises of business e-mails, and unpatched vulnerabilities that pose significant risks to businesses across industries and sizes.

That’s according to Jason Oehley, regional sales manager at Arctic Wolf, adding that this is particularly true of small and medium-sized enterprises (SMEs), which face particular challenges due to limited budgets and a shortage of IT skills.

Shortage of skills

“There is a major tech skills shortage around the world, and an even more acute one when it comes to specialised cyber security skills,” he adds. “In South Africa, finding these skills is even more of a challenge, as not enough students are training in STEM subjects to begin with, and local companies cannot hope to compete with salary packages offered by their international counterparts, so the few skilled people we have are leaving at a rapid rate.”

Oehley says considering that a business would need (conservatively speaking) about eight to 10 highly qualified experts to run a security operations centre (SOC), it’s easier to understand the scope of the problem. “It is hard to find one or two qualified people, yet alone ten. Moreover, even if you do manage to find the right resources, it is likely a six-month process to skill them up to look after the specific systems the company has in place. This in turn, affects a company’s ‘time to protection’, which can negatively affect the business.”

Competing against giants

While the largest entities can afford to find and train the skills they need and have large, qualified, in-house SOCs in place, smaller businesses simply cannot. “The dearth of skills amplifies the skills gap for smaller organisations, as they often battle to compete with larger companies and corporations when it comes to attracting and retaining qualified employees.”

This also means that their IT teams are usually made up of generalists with broad expertise but lacking specific competence in cybersecurity matters. “They might have a little cybersecurity training,” Oehley adds, “but when a team has so many priorities, they can become too thinly spread, and lack the necessary focus to deal with cyber security effectively. And if you consider that the majority of security incidents are still caused by known but unpatched vulnerabilities, it’s a problem, when there is no one to ensure that systems are patched and up to date, with the right policies in place. It is also hard to be objective about your own environment when you have multiple things on your plate.”

Ransomware, business e-mail compromise and other threats are skyrocketing as our adversaries grow more determined, and their tools increasingly complex

The cybersecurity situation continues to deteriorate due to geopolitical and economic uncertainties, Oehley explains. “Ransomware, business e-mail compromise and other threats are skyrocketing as our adversaries grow more determined, and their tools increasingly complex. This is seeing this gap grow wider and wider.”

Security as a service

This is why forward-thinking companies are looking at an alternative solution and adopting a security operations centre as a service (SOCaaS) model, where a security partner such as Arctic Wolf can take teams through the security challenges.

SOCaaS offers transparency and flexibility, rapid implementation and a comprehensive range of services. These might include security asset inventory, around-the-clock threat monitoring, detection and response capabilities, managed risk and security incident response, and continuous enhancement of the company’s security posture.

Oehley says ideally, the external security partner functions as an extension of the IT department, possessing deep security expertise and access to up-to-date threat intelligence. Through a collaborative approach, any adjustments needed to address the latest cyber risks can be made quickly. Additionally, a dedicated point of contact is always available to address queries and provide guidance based on that threat intel.

“Partnering with a security vendor that can guide you on what is the best practice for protecting your site and your environment, while also continuously improving your security posture over time, is really important,” he said.

Sometimes it’s good having an external company looking at security so you’re not marking your own homework, as it were. “Having a third party to do all the checks and balances, and then report back to you is far more effective,” Oehley believes.

About Arctic Wolf
Arctic Wolf is the market leader in security operations. Using the cloud-native Arctic Wolf Platform, we help companies end cyber risk by providing security operations as a concierge service. Highly trained triage and concierge security experts work as an extension of internal teams to provide 24×7 monitoring, detection and response, ongoing risk management and security awareness training to give organisations the protection, resilience and guidance they need to defend against cyber threats. For more information, visit arcticwolf.com/uk or connect on Facebook, Twitter or LinkedIn.