Shifting Right People to the Right Job
Shifting of the ownership to empowered teams:
It is generally felt that cybersecurity is all about hacking into or breaking things, but cybersecurity in fact is all about learning how technology (and people) work. The key is not a technical background, but one’s willingness and desire to learn how the technology works and to never stop playing.
PASSION TO LEARN
To ease the pressure on experienced people, one needs to bring in right people who have a passion to learn new technologies and understand how it works. It is also necessary to create automation in cybersecurity. The goal is to reduce the number of threats by eliminating vulnerabilities through the prevention of known threats and the identification of zero-day attacks.
According to Pawan, cybersecurity automation is also about making data collection faster and more efficient by bringing in artificial intelligence (AI) and machine learning (ML) technologies and processes into the fold to increase organizations’ analytic capabilities, eliminating tedious, time-consuming non-cognitive tasks to free up IT security experts so they can focus on higherpriority RESPONSIBILITIES and tasks.
Some examples of process automation solutions and platforms for cybersecurity include Robotic Process Automation (RPA), Security Orchestration Automation and Response (SOAR) and deep and dark web analysis.
Cybers e c u r i t y a u t o mati o n wi l l ease the burden on senior resources and offer advantages in terms of being able to use security professionals most effectively. Using automation one can integrate security in the DevOps rituals and transform security to the Dev-First security approach. It is also necessary to shift the ownership to empowered teams.
Kiran says: “Survival of the fittest may work in the animal kingdom but grooming the less experienced resource requires a substantial investment of time, a sincere interest in employee development and a dash of humility.”
HIERARCHY & AUTOMATION
Some of the things that can be shifted to people with less experience are day-to-day operations, repeat issues management and audit coordination. Sourabh says: “They can also take care of closure/documentation once critical incident and the overall approach are