The IT industry is facing an enormous problem: there’s a skills shortage of cybersecurity talent. Forty-five percent of organizations report a “problematic shortage” of cybersecurity skills—more than any other area of IT. The problem is so bad that the cybersecurity workforce gap is on pace to hit 1.8 million by 2022, a 20% increase from 2015.
This shortage will have a drastic impact upon the public and private sectors. However, the right technology can help ease the burden. Identity and Access Management (IAM) solutions are productivity multipliers that can alleviate the issues caused by this talent shortage.
In the first part of this two-part series, you’ll learn how IAM automates repetitive, manual, and tedious tasks, so that your IT team can do more with less.
What’s the Impact of the Shortage?
A 2016 study performed by the Information Security Systems Association (ISSA) shows how critical this skills shortage is across the globe. Fifty-four percent of ISSA members surveyed said that the shortage increased the cybersecurity staff’s workload, while 35 percent said that they’ve had to hire and train junior staff rather than hire personnel with the appropriate level of experience. Another 35 percent believe that the skills shortage creates a situation in which the cybersecurity team hasn’t had the time to learn or use these technologies to their full potential.
Moreover, the lack of qualified professionals and the overwhelming cybersecurity workload only exacerbate security events and data breaches. There are simply too many things to do (such as investigate alerts, scan for software vulnerabilities, remediate risks, etc.) for cybersecurity teams to keep up with.
Organizations are feeling the pinch; in a 2017 report published by Frost & Sullivan for the Center for Cyber Safety and Education, 66 percent of respondents said they didn’t have enough workers to address current threats.
As a result, hiring managers are filling cybersecurity roles with individuals who have more diverse skill sets and non-technical backgrounds. These workers lack in-depth prior cybersecurity experience, only further perpetuating security issues.
How Does Modern IAM Help?
The right technology plays a significant role in allowing an IT department to do more with less, and an IAM solution is that technology.
End-User Self-Service
For starters, IAM solutions automate time-consuming and repetitive tasks. With an IAM solution, you can enable end user self-service, which allows users to manage their own accounts and perform such tasks as setting and resetting passwords. End user self-service minimizes help desk workloads, so IT personnel can deal with other, higher-priority cybersecurity issues. Moreover, the end user experience is better, because end users get the help they need faster.
Lone Star College is an excellent example of what an IT department can do with IAM solutions. The third-largest higher education system in the US implemented our IAM solution, RapidIdentity, including end user self-service functionality. As a result, help desk calls dropped by 50 percent, representing a soft cost savings of more than $400,000 per year.
Automated Lifecycle Management
Second, IAM solutions automate the process of lifecycle management. IT no longer has to waste valuable time and resources creating accounts, managing them, and deprovisioning them. For many Identity Automation customers, these activities consumed one to two full-time equivalent hours prior to implementing IAM—time that is now much better spent on more strategic initiatives.
So, for example, when the HR department adds someone to the HRIS system, an account is automatically created and provisioned with the correct access. If a change is made in the HRIS system, the IAM solution recognizes that modification and automatically pushes the update to the Active Directory as well as all downstream systems. And when HR terminates an employee in the HRIS system, his or her access to corporate systems is also automatically terminated.
One benefit of this approach is that there’s no entitlement creep—employees have what they need to do their jobs and no more. Moreover, there are no accounts left open after an employee leaves the company, so he or she can’t cause damage or steal information.
Delegated Administration
Third, IAM solutions allow you to delegate administrative tasks. Delegation empowers business managers to create and manage accounts and handle access requests for contractors and other third parties. After all, who knows better than the business manager or specific system owner about which employee or contractor needs what level of access, and for how long?
With IAM solutions, you can manage the evolving threat landscape, while remaining efficient and agile, delivering excellent value to your organization. The cybersecurity skills shortage isn’t going away anytime soon, but the right technological solutions allow your department to weather the storm.
In part two of this series, we’ll discuss the other ways in which IAM solutions help IT departments navigate the cybersecurity staffing shortage.
Comments