Building a SOC while growing security talent

The recent MasterCard lawsuit against Nike for “stealing” their CISO and other key security talent is only the tip of the iceberg. The keynote at our International ISSA conference last year was Admiral Rogers from the NSA talking about their shortage of security talent. So, how do we get more people interested in our field? I personally couldn’t think of a better field to be in, not just because of the shortage, but because of how strategic our roles can be in helping a business succeed.

In reading many of the email lists that I am on, it seems that 2015 is the year of companies building out their Security Operations Center (SOC): a 24×7 monitoring capability to watch for critical security events. This talent is even harder to find and retain, so many companies outsource this completely or use a hybrid model.

In visiting with various departments at multiple companies, I have seen that despite the bad reputation that Help Desk employees usually receive, this may be a hidden place to find really good security talent, especially if you already have a 24×7 help desk. If you use a hybrid model and have an MSSP partner with you, the Help Desk night staff, or at least a small tiger team, can watch your security dashboards. When they spot an anomaly, they can escalate to the MSSP. Try it for 6 months and see what you discover. There are usually at least 1 or 2 members that have an aptitude for analytics even though they didn’t know it. They love to solve problems and just needed some guidance on taking the wide range of knowledge they already have and applying it specifically to protecting our data. They may not have the communication skills needed to interface with the business, but that is one of the drivers to create both technical and leadership career paths.

Besides this, forming ISSA student chapters and investing heavily in local CyberPatriot mentor programs, as well as the cyber collegiate defense competition, are the primary ways I see us growing our talent pool.

What have you seen work? Is this similar to the ongoing nursing shortage in the medical field?