The Great Resignation Requires Security Vigilance and Automation
From an IT security perspective, consequences from The Great Resignation demand extra vigilance and a greater degree of automation.
How the Great Resignation Is Affecting IT Departments
Many IT and security personnel quit or were laid off during the pandemic. And according to the Microsoft 2021 Work Trend Index, many more resignations are to be expected in the coming months. Some are even calling it the “Great Resignation.”
The Microsoft study found that 40% of people plan to change jobs. In IT:
- 14% of those switching jobs want to move to a different company.
- 11% plan to open a business.
- 11% plan to go part-time.
- 10% intend to move locations or become a contractor.
- 8% intend to abandon IT.
There are a couple of important consequences of this from a security perspective that demand extra vigilance as well as a greater degree of automation.
IT Security Vigilance
IT and security are areas where personnel numbers have largely dwindled over the last decade or so. Organizations constantly demanded for more to be done by far fewer personnel. Whereas IT teams used to be split into networking, compute, application, storage, and security teams, the IT generalist has become the norm in many places. There are fewer people covering a lot more territory.
The cloud has accelerated this trend. Companies now dump a lot of traffic onto hyperscalers and convince themselves that they can make do with a threadbare internal crew.
But with one wave of personnel exits behind us and another one coming soon, the likelihood of internally generated breaches magnifies. Aberdeen Group recommends extra vigilance related to departing personnel taking data or IP with them. According to the research study, at least one in three (33%) reported data breaches involve an insider.
With the Great Resignation upon us, that number is likely to increase.
IT Security Automation
“Never was so much owed by so many to so few,” said British prime minister Winston Churchill during the Battle of Britain in 1940.
If he was a CIO today, that might be paraphrased to, “Never was so much been dumped onto the shoulders of so few.”
Threadbare IT and security departments are scrambling to cope with a surge of ransomware and a colossal increase in phishing and other threats. They typically work in an IT department where they are expected to generate apps like a genie in a magic lantern granting wishes to insatiable Line of Business (LOB) heads.
At the same time, they are told to digitize the business tomorrow, move everything to the cloud, and allow LOB managers to run their own cloud operations – while supporting a largely remote workforce. So, what is to be done?
Churchill also said: “If you’re going through hell, keep going.”
In today’s overstrained security environment, he may well have said, “If you’re going through hell, keep going – and automate.”
The only way to cope in this climate is to implement technologies that reduce the IT and security workload. Automation is the key. As many security duties as possible should be automated to relieve the burden on IT.
As much as possible, the security duties should be streamlined. Minimize the number of screens and dashboards that have to be reviewed. Find some way to cut the time it takes to go through logs – some systems analyze them automatically and provide IT with recommendations and summaries.
How Syxsense Can Help
Syxsense can help, too. It brings together IT management, vulnerability scanning and patch management in one integrated console. With the possibility of data exfiltration growing, it can help vulnerabilities that make it easier to transmit data out of the organization.
It can also spot open ports and other vulnerabilities that can be used to breach enterprise data. From a patching standpoint, Syxsense is the ideal way to automate patch management. It tests, prioritizes and deploys patches throughout the enterprise efficiently with minimal input from IT.