The UK cyber security sector is experiencing significant challenges with talent acquisition. A recent government study revealed that 50% of all UK businesses have a basic cyber security talent gap and an estimated shortfall of 11,200 people needed to meet the demand of the cyber workforce.
The report — ‘Cybersecurity skills in the UK labour market 2023’ — shows that there is still work to be done to bring fresh talent into the cyber workforce. But this will take time.
Chris Waynforth is the general manager & VP of our international business. Chris is leading Expel’s expansion into EMEA, building on the early success with customers in the region who have seen the light and wish to re-do security the Expel way.
Chris commands over 20 years of experience in cyber security, helping some of the world’s largest banks detect and prevent cyber crime, as well as helping to stop Grinch Bots from stealing PS5s from online stores. As a successful sales leader, he has always led from the front with the support of his team.
Our own research — titled ‘The UK cybersecurity landscape: challenges and opportunities’ — shows that cyber security is one of the biggest challenges facing UK businesses today, underlining the fact that many organizations need urgent support now.
While it is more likely that issues with recruitment, management, and learning and development are causing the perceived talent “gap” than lack of available cyber professionals, there is still an existing avenue to alleviate the strain it brings: channel partners.
IT and security teams need breathing room
The talent gap has a knock-on effect on businesses’ IT and security teams. Understaffed security teams create more pressure on existing personnel, and with cyber threats a constant risk, the pressure only grows for security teams.
Earlier this year, we compiled insights from 500 UK. IT decision-makers (ITDMs) to identify the challenges and obstacles cyber security teams are tackling. We found that 61% of ITDMs reported that they or a member of their cyber security team had experienced burnout due to cyber security risk management.
The cause? There are many, but one stands out: alert fatigue. Another industry buzzword, but for good reason. Alert fatigue happens when the barrage of security alerts constantly hitting an IT and security team’s queue becomes overwhelming.
Read why some customers are frustrated with their digital experience & how to overcome this.
This can lead to analysts not investigating those alerts adequately, or even missing critical alerts altogether. Coupled with the huge responsibility of protecting their organization, it’s unsurprising that analysts can burnout. Our research found that over half (52%) of ITDMs agree their teams spend too much time dealing with unnecessary cyber security notifications.
We also found that, on average, more than a quarter (27%) of allocated security budgets went unused in 2022. This shows how many UK businesses aren’t making full use of their resources, even though their security teams are struggling.
In short, they need some respite — and channel partners can be the ones to provide it.
Actionable alerts
Vendors and channel partners have the potential to collaboratively address the problems security teams are facing — such as alert fatigue — and help customers find more value from their employees and tech stack.
To do this, channel partners should look at how they can provide more insight from the alerts that are delivered to security teams. This is a value add to customers as it ensures the alerts that come through are both accurate and actionable.
Given alert fatigue is a contributing factor to employee burnout, channel partners with solutions geared around automated processes that deal with alerts can be a welcome lifeline to security teams.
Pointing to prioritization
Another time-consuming task for IT and security teams is tackling vulnerabilities.
New and old vulnerabilities are exploited every year, and simply identifying which could be the most harmful is like finding a needle in a haystack — tedious, and generally a poor use of your team's time.
How the IT channel is working to prove the supply chain’s sustainability credentials
This is where channel partners can step in, helping IT and security teams prioritize the most critical vulnerabilities before criminals and threat actors exploit them.
Channel partners who offer prioritization solutions can not only find vulnerabilities but flag those that pose the greatest risk — helping teams take immediate, informed action.
Solutions like these also allow IT and security teams to understand the most urgent risk areas within their detection and response workflows. Investigation and remediation become swift, freeing their time to tackle more business-critical priorities.
Swift implementation
One question does remain, however. If ITDMs are struggling with talent shortages and burnout due to alert fatigue, then why is it that businesses aren’t spending their entire allotted cyber security budgets?
We can only speculate, but it could be due to a perceived lack of quick return on investment (ROI) on cyber security products and services.
To alleviate this, partners can provide solutions and products that can be implemented quickly — providing immediate value.
Why MSPs should focus their attention on data protection services, not backup
With the right automations and solutions in place, IT and security teams can get time back to focus on more strategic security tasks that not only help enable and advance the business, but also keeps personnel engaged.
This is how channel organizations show true value, guiding customers where they have gaps in both their tech and from a human perspective.
Offering solutions that plug these gaps — particularly ones that directly address a reduced, stretched workforce — emphasize channel partners’ role as an invaluable resource and ally for any IT or security team.
