Automating Cybersecurity Functions to Maximize Existing Cyber Talent

The U.S. federal government continues to face a severe skills shortage for cybersecurity professionals. It’s not just government – the entire country only has enough workers to fill 85% of the cybersecurity jobs throughout the economy, according to research from Cyberseek, a joint initiative of Lightcast, the National Institute of Standards and Technology’s NICE program, and the Computing Technology Industry Association (CompTIA).

I talk about this skill shortage in an article recently published by Washington Technology. As a long-time federal contractor focused on security, I’ve seen this challenge up close and personal. I’ve also seen the effectiveness of automating cybersecurity functions wherever possible. By doing so, agencies address the need for cybersecurity professionals and better leverage existing talent to increase workforce effectiveness and employee satisfaction.

Automation removes the burden of mundane and less interesting tasks from entry-level cybersecurity staff, improving job satisfaction and retention. Automation also helps agencies and contractors address the “three V’s” of the cybersecurity challenge: the increasing volume, variety, and velocity of emerging cyber threats.

• Volume

Agencies and contractors must manage a vast number of assets over an enormous area throughout the country, or even the world. This requires a large workforce capable of monitoring such a large volume of assets.

• Variety

The federal government operates across a broad range of mission areas, requiring agencies and contractors to maintain an equally wide range of physical and virtual assets that extend beyond IT. These include operational technology (OT), the Internet of Things (IoT), building management systems (BMS), and more. Again, this increases the need for more staff than might be needed in a more singularly focused environment.

• Velocity

Artificial Intelligence (AI) and Machine Learning (ML) used by adversaries has increased the speed by which they develop and use new tools to penetrate, exploit, and compromise Federal Government systems. This is amplified by the expansion and diversification of the attack surface associated with critical government missions. It is evermore critical to utilize a robust discovery process to understand the precise attack surface agencies need to defend where failure to see, prioritize and remediate threats can have life-or-death consequences.

How Armis Can Help

Armis Centrix™, our FedRAMP and DISA IL authorized AI-driven platform, helps agencies quickly remove visibility gaps and provides a holistic picture of their risk posture with real-time visibility into all connected assets in the environment. This includes everything—IT, OT, IoT, and IoMT. Through one pane of glass, agencies can proactively identify and manage risks to strengthen their security posture with a single, comprehensive, and accurate inventory of everything on the network.

Many federal agencies still rely on legacy systems and outdated IT infrastructure that may be vulnerable to cyberattacks. What worked in years past will not suffice. Transitioning to more modern, automated and secure technologies is essential to reduce vulnerabilities and enhance cybersecurity. Bold changes are required to meet rising nation-state attacks, changes that do not rely on legacy models, contracts, or solutions.

As agencies grapple with these challenges, maximizing all the cybersecurity talent available in government today is imperative. Adopting increased automation of security tasks is something agencies can do immediately to improve their security posture.