Why Your Security Analysts Are Willing To Take A Pay Cut To Leave

Posted by David Monnier, CommunityVoice | 1 hour ago | /innovation, Innovation, standard, technology | Views: 1


David Monnier is Chief Evangelist and Fellow at Team Cymru and host of Future of Threat Intelligence Podcast.

Security teams have a great responsibility to protect their organization and prevent attacks that will be costly to finances, customers and reputation.

But your security will fall apart if you can’t prevent your team members from leaving for other opportunities. According to my company’s recent report, half of security practitioners say they would take a pay cut to leave their current organization for another offering more training and better technology.

Security teams today want to protect their organization and evolve their threat-hunting practices, but they may not be able to do so due to a lack of:

Appropriate funding

One of the biggest challenges holding threat-hunting programs back is a lack of funding and budgetary commitment from stakeholders. Not having enough funds can impact every area of a security team, from not being able to invest in the best tools to not being able to expand the team. Often a lack of funding stems from those in charge of the budget not fully understanding the positive impact, protection and cost savings a good threat-hunting program can deliver.

Historical data and tools

Another challenge to threat-hunting programs is not having the right data, intelligence or resources with which to perform their threat hunting. Not having historical data or robust logging means not knowing what “normal” looks like to compare events against. Security teams will find it harder to protect their organization if they don’t have relevant, actionable threat intelligence to warn them about specific threats to their organization or their third-party vendors.

Not having the right tools results in a lack of visibility into IT environments, not being alerted to suspicious behaviors or having too many false positives that can fatigue security teams, as they may be attempting to triage over 500 alerts per day.

Trained threat hunters

Finally, not having enough people on the team or people trained in the right areas can impact a security team’s ability to protect their organization, and 59% say their teams are understaffed. Having the goal of improving your external threat reconnaissance requires having trained security analysts, which also involves time, funding and commitment to training in-house. As threats grow in sophistication and frequency, security teams will only need more resources, funding, tools and people.

How to invest in your security teams

What can security leaders do to retain their employees? When there’s a lack of talent, security leaders don’t want to risk losing who they already have. Here are some steps to retain your talent today:

Increase budget and buy-in

Optimizing funding goes hand-in-hand with increasing buy-in from leadership. Does leadership understand the value of threat hunting and how it can protect the organization? No business leader wants to risk being the next headline, so communicating how threat hunting can help protect the organization may result in a higher budget.

Additionally, be sure you’re spending your budget wisely. For example, it’s better to invest in a reputable organization with reliable data sources that will last the next five years, rather than continue spending on merely sufficient tools that aren’t enabling your team. A more efficiently used budget will help you provide tools and training to your analysts that will keep them around.

Invest in external threat-hunting tools and technology

Senior stakeholders should take note: Half of your security analysts would take a pay cut to work at a company with better threat-hunting tools and technology, according to our survey results. This means they’re looking to you to upgrade, or they’ll move on.

For better external threat hunting, start with tools that provide threat intelligence that’s more specific to your organization and provides timely insights about the threats targeting you and your third-party vendors—not just every threat out there. This will better optimize their time and make their discoveries more accurate. As you look to make new threat and risk data source purchases, get your team involved so they can give input on what tools would be best for them.

Prioritize training and development

Security teams need more highly-trained individuals to improve their internal and external threat-hunting capabilities and other tactics. Team members are always looking for opportunities to increase their knowledge and skills through training and certification opportunities. Develop a structured, ongoing training program that includes both technical and soft skills development. This could involve partnerships with educational institutions, subscriptions to online learning platforms or regular in-house workshops led by industry experts.

Don’t forget your supply chain in these decisions. Reach out and collaborate, as you have shared goals of protecting your mutually beneficial partnerships. Offering training and development opportunities can attract new talent, as well, so ensure you are active on social media about courses and include these in job descriptions when advertising.

Conclusion

Cybersecurity leaders can only be successful in protecting their organization if they enable and equip their security teams, ensuring they have the tools and knowledge to be more proactive in their security efforts—especially external threat hunting. With attacks on the rise and available talent at an all-time low, there is little time to make sure your team has what they need and that they’re eager to stick around.

Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?



Forbes

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *