The speed of business is accelerating – and activities are taking off in new directions. Competitive organizations are looking at all of their options for keeping projects moving and customers engaged. For example, remote work that enabled businesses to stay functional through the early days of the pandemic has become a part of strategic plans. It allows companies to cut overhead costs, trading expansive facilities for smaller offices where employees share workspaces when putting in hours onsite. Additionally, a two-year study by Great Place to Work found that most Fortune 500 companies saw remote work productivity levels that equaled or exceeded productivity at the office.
Another trend is using freelance or contract workers rather than hiring full-time employees for project work. This gives businesses the ability to bring in unique expertise as needed rather than hiring full-time employees who may be underutilized. To complete the projects they work on, contractors may have company emails, logins, and access to sensitive data.
Although remote and contract workers could give your company a competitive edge, there may be a challenge you need to overcome before you can utilize them: IT security. And security resources are hard to find.
The IT industry has experienced a security skills shortage for some time, but it’s getting worse, not better. Cybersecurity Ventures anticipated more than 3 million unfilled cybersecurity job openings globally in 2021, an increase of about 1 million from 2014.
The problem is that the number of students pursuing this field or professionals changing their area of specialty can’t keep up with demand. The U.S. Bureau of Labor Statistics puts “information security analyst” in the top 20 fastest-growing jobs, with a growth rate of 33 percent per year.
Furthermore, the security skills shortage has created an environment of fierce competition for professionals within this space. Businesses are challenged to find and recruit qualified people to fill vacant IT security positions -- and retain them when attractive offers come in from other companies.
So, IT security positions may go unfilled and moving forward with plans to enable cloud collaboration among remote employees and contractors becomes a risk. Without adequate security, it’s easy to lose visibility into how remote employees or contractors are using or sharing your data, and it can create vulnerabilities that lead to data loss and risks to network security. You don’t need to look further than recent headlines to see how much of a threat IT vulnerabilities can be. The Colonial Pipeline hack, for example, appears to have been traced to overlooking a simple security best practice – and the company advertised for a cybersecurity manager only weeks before the hack.
One of the reasons that your IT team needs more hands on deck to address security is that traditional security solutions are often more complex than they should be. Traditional security technology vendors continue to offer “do-it-yourself” solutions that require your team to piecemeal the security your operation needs. Addressing security with those solutions requires more resources – which many businesses simply cannot find.
An alternative to hiring more security resources is outsourcing to IT security firms rather than investing in in-house resources. However, this option can be expensive and creates dependence on a partner that won’t be easy to end. Additionally, your outsourced IT security provider may not be able to accommodate your schedule or meet all of your needs. Moreover, if you experience a cyberattack or security breach, there can be a question about whether culpability lies with your team or the third-party provider.
There isn’t much that the industry can do to speed up the process of training the number of skilled security professionals to catch up with demand. However, changing your approach to security can help you to keep your data and your network safe with the IT staff that you currently employ. It is possible to protect your data and your network as your IT environment expands to include remote workers and contractors who leverage cloud solutions for collaboration.
In the next blog in this series, we’ll talk about how to secure your on-premises and cloud computing environment by leveraging and growing your business’ internal IT expertise.