Menu
Menu
Cloud adoption was already growing rapidly, but that growth got a supercharge with the pandemic: the cloud has been critical for organizations transitioning to remote work strategies in a short timeframe. One of the key challenges of this increased reliance on cloud resources is establishing and maintaining consistent security, including unified visibility and control, to see and mitigate threats and deal with misconfigurations in a seamless manner.
The cloud comes with its own specific set of security considerations. Organizations need to find ways to secure data that is regularly moved between private and public clouds. To further complicate matters, an increasing number of cloud compute infrastructures also rely on hyperscale to manage and process often massive amounts of data. Workflows and applications need to securely travel across and between different clouds, data centers and devices to accomplish their tasks. Security also needs to scale to safeguard the north-south as well as the east-west traffic. According to Gartner, by 2021, 90% of all web-enabled applications will have more surface area for attack due to exposed APIs, rather than just the user interface – up from just 40% in 2019.
The lack of professionals skilled in both cloud and security strategies and technologies increases the level of risk to the network. In a recent survey commissioned by Fortinet, 68% of respondents reported that their companies struggle to recruit, hire and retain cybersecurity talent. Respondents named cloud security architects as one of the most challenging jobs to fill. This is probably due to the high demand for such individuals, because most organizations’ infrastructures are increasingly complex due to things like operating dynamic clouds, and the prioritization of the security of these environments.
With 76% of respondents saying that a lack of skilled security professionals is creating new risks across their organizations, it is clear that the situation is dire.
In addition, new initiatives like rolling out new cloud-based applications, migrating or extending data and other resources from public clouds back to private clouds, and consuming SaaS solutions – such as Salesforce, Office 365 or unified communications – makes developing a consistent and easy-to-manage cloud security strategy increasingly vital. Yet this skills gap compounds the challenge of implementing an effective cloud security strategy even further. It is most acutely felt in specialized areas such as securing and managing multi-cloud infrastructures, and within DevOps teams tasked with developing business-critical applications.
To overcome this skills gap, organizations heavily promote cloud security roles on job sites and focus on retention by offering high salaries, maximizing opportunities for advancement and providing a healthy work culture. But organizations need to go beyond traditional means of recruiting security talent. This includes employers encouraging individuals to pursue cloud technology-focused certifications as they recognize that such certifications demonstrate knowledge and expertise in various cybersecurity concepts and abilities.
Because the field of cybersecurity is continually changing, certifications are a valuable way to keep up with the evolving threat landscape, as well as enable those without a technical background to obtain training so they can transition into a career in cybersecurity. This then helps to fill in the cloud security skills gap. And those already in the field can update their cybersecurity knowledge each time they renew their certification. This keeps professionals at the top of their game and lets employers know that their staff has the most current training available.
Cloud security skills are needed like never before, particularly in light of the mass exodus to remote work necessitated by the pandemic. At the same time, these skills have never been harder to find. Research demonstrates that this lack of properly trained professionals puts organizations at higher risk for cyber incidents, especially as attackers take advantages of security holes arising from an almost boundless “perimeter.” New threats and the addition of new technologies call for new methods to find and retain cloud security talent. This includes using certifications as a hiring yardstick to ensure applicants have the needed skills and as a way to upskill current employees.
Article Resource: https://cloudcomputing-news.net/news/2020/aug/17/how-to-build-the-talent-pipeline-to-close-the-cloud-security-skills-gap/
