Outsourcing key to overcoming the cybersecurity skills gap

Outsourcing cybersecurity services will become integral to every effective corporate cybersecurity strategy in 2023 says Kaspersky. The importance of such an approach becomes even more critical at a time when third-party research shows that 75% of companies across Africa are encountering challenges in recruiting and retaining qualified cyber professionals.

Says Brandon Muller, technology expert and consultant for the MEA region at Kaspersky: “Our research shows an increase in persistent and sophisticated attacks targeting Africa, with South Africa labelled as a country with a higher level of APTs (advanced persistent threats). The rise in APT techniques targeting businesses should be of great concern. These are the most sophisticated types of attacks where cybercriminals steal money and access credentials which they sell on the Dark Web. Kaspersky research has also found five different APTs active in South Africa which contrasts significantly with the one to three found in other African countries.”

Moreover, Muller says that Kaspersky expects the ‘hack-and-leak’ attack format to also grow in the coming months. This is where cybercriminals infiltrate an organisation, steal their info, and release that into the public domain.

A recent survey conducted by Kaspersky shows that in South Africa, almost half (45%) of companies were aware of cybersecurity incidents affecting their businesses over the past 24 months and87% of business leaders have heard of cyberattacks in other companies. Additionally, 87% of South African businesses that participated in the survey experience cybersecurity skills shortage to various degrees.

"In the wake of this, 29% of local decision-makers have sought external IT security expert advice while 52% are looking to implement additional security policies. However, only 8% are considering increasing the number of IT security personnel which points to a larger concern around the availability of these skill sets in Africa,” adds Muller.

Sergey Soldatov, head of the Security Operations Centre at Kaspersky, believes that the likes of Managed Detection and Response (MDR), Threat Intelligence, and personnel training could mitigate against the risk of the significant skills cybersecurity gap not only in Africa but the rest of the world.

“MDR delivers advanced, round-the-clock outsourced cybersecurity protection from the growing volume of threats circumventing automated security barriers. This is a continuous incident detection service where the focus is on cyber threat hunting especially when it comes to new malware detection, non-malware attack detection, and APT attack detection. MDR should be seen as a way to augment existing cybersecurity practices,” says Soldatov.

Most security teams take an alert-driven approach to cybersecurity incidents, reacting only after an incident has already taken place. Meanwhile, new threats move in under the radar, leaving companies with a false sense of security. Businesses are increasingly recognising the need to proactively hunt out threats lying undiscovered but still active within their corporate infrastructures.

“There is a clear need for a comprehensive cybersecurity solution that provides a combination of products and services around protection. This delivers automated and manual coverage to encompass detection at any stage whether it happens before a breach takes place or after it has succeeded,” says Soldatov.

Soldatov notes that MDR is a service, and when organisations use outsourcing instead of buying products they move their capital expenses to operational expenses, which is better for non-core businesses.

Charl Ueckermann, Group CEO at IT Governance and Architectural services consultancy AVeS Cyber Security, believes that solutions like Kaspersky MDR becomes essential to combat the current skills shortage.

“But more than that, companies must embark on ongoing awareness training for employees to strengthen the human firewall. Complementing this training with Kaspersky MDR provides companies with a more integrated approach to safeguarding their digital environments,” says Ueckermann.

He says that managing cybersecurity has become a fuzzy concept for many local businesses.

“People better need to understand what cybersecurity entails. When an organisation needs to manage cybersecurity, it cannot throw money at products and services. It must start with a proper assessment, following by a practical plan that is fit for purpose to help the company reduce its overall risk profile. From there, the important remediation phase comes in that focuses on the right solutions and services for the specific enterprise or SME,” concludes Ueckermann.