The Security Ledger Podcast
Spotlight: Is There A Cure For InfoSec’s Headcount Headache?
In this Spotlight Podcast, Pondurance Chief Strategy Officer Lyndon Brown joins me to talk about how changes in both the threat landscape and the workplace are driving demand for managed detection and response services, in which companies hire outside security talent to help keep sophisticated cyber adversaries at bay.
As always, you can check our full conversation in our latest Security Ledger podcast at Blubrry. You can also listen to it on iTunes and Spotify. Or, check us out on Google Podcasts, Stitcher, Radio Public and more. Also: if you enjoy this podcast, consider signing up to receive it in your email. Just point your web browser to securityledger.com/subscribe to get notified whenever a new podcast is posted.
[MP3]
Change is the one constant in the information security field, where the bad guys set the tone and whose hunger for profits drive rapid evolution in both threats and attacks.
These days, the plague du jour is ransomware, in which cyber criminal gangs infiltrate companies, encrypt sensitive information and systems and – increasingly – offer threaten to leak stolen data to increase the leverage on their victims.
Unfortunately, the “fix” for the ransomware problem isn’t straight forward. Enterprise perimeters had already deteriorated well before the COVID pandemic and the rapid shift to remote work battered down what was left of them. Phishing attacks, credential stuffing and application layer attacks like SQL injection reliably provide access to corporate environments. Perimeter based detections and blocking offer little in the way of protection against these risks.
Lyndon Brown is the Chief Strategy Officer at Pondurance
Increasingly the solution for organizations is to bring in security experts to help keep hackers at bay. But that runs up against another urgent problem: a severe shortage of cyber security workers, especially in sectors like healthcare and government. In July, for example, the Department of Homeland Security announced that it had completed its most successful cybersecurity hiring drive ever and that it still had more than 1,800 vacancies for cyber security workers.
One answer to the cybersecurity talent shortage is