Any business looking to scale its digital operations efficiently and cost-effectively should consider the cloud. There’s only one problem: the number of people capable of securely managing that transition from the sweaty server rooms of yesteryear to the humming hyperscale warehouses of tomorrow is diminishing. According to a recent report by Gartner, while 70% of organisations reported they were accelerating their migration to the cloud, 80% of respondents struggled to source the necessary security expertise to secure these environments in the first place.
This is exactly why integrating security practices as early as possible into the development cycle is essential for businesses. Security strategies must align with the shifting priorities of businesses, as most aim to ensure their cloud deployments are secure before committing to a platform. This proactive approach is often referred to in the industry as a ‘shift-left’ strategy. It applies as much to non-critical workloads as critical, gumming up the lift-and-shift process and demanding more time and concentration from a diminishing talent pool. This gap also results in friction between security and development teams, underscoring the need for better training and expertise in secure coding practices.
Fortunately, though, a lack of manpower needn’t thwart your company’s leap into the cloud. One approach is fostering in-house expertise in secure coding and cybersecurity practices. Additionally, leveraging automated tools and security solutions can help reduce the burden on teams by identifying vulnerabilities early in the development process, allowing security professionals to focus on higher-level threats. Both collaboration between development and security teams, as well as upskilling non-technical teams, can help bridge the gap and drive a more secure development cycle.
Improving the skills gap
A shortage in cloud security security personnel creates new burdens for existing security teams. It can lead to mistakes and security breaches, which in turn can accelerate churn and burnout. To address the challenges posed by skill shortages, organisations should recognise that mistakes leading to breaches impact not only critical workloads but also non-critical ones. One approach to address the skills gap is to invest in continuous learning and development programmes, fostering in-house expertise in secure coding and cybersecurity practices.
With this, leaders can start by encouraging employees to participate in upskilling programmes provided by the organisation’s cloud platform vendors. These certifications prepare teams to tackle emerging threats, manage complex challenges, and collaborate effectively during breaches. Without such training, teams risk exposing organisations to increased cyberattacks as they struggle to adapt to evolving security demands and regulatory standards. For teams with larger budgets, hiring specialised talent to oversee cloud migration can be an alternative.
By fostering better collaboration and upskilling both technical and non-technical groups, organisations can streamline cloud migrations, reduce delays, and enhance security across all workloads, critical or otherwise.
Platformisation leading the way
Platformisation has also become a critical element in modern cybersecurity strategies for securing cloud environments and addressing the growing skills shortages. By consolidating and integrating various security functions, organisations can streamline their defences against increasingly sophisticated threats and, through automation, avoid common errors that leave workloads exposed.
This approach can enable rapid detection of incidents – within 10 seconds – and swift remediation in just one minute on average. In the context of cloud security, such efficiency is essential for protecting sensitive data and ensuring business continuity. Furthermore, platformisation helps mitigate the cybersecurity skills gap in the cloud by simplifying complex security management tasks, allowing teams to focus on higher-value activities and reducing the reliance on specialised expertise. Ultimately, this strategy accelerates response times and strengthens resilience, reducing both financial and reputational risks for organisations.
It’s vital that businesses have a streamlined and efficient approach to cybersecurity in place, with a cloud setup significantly expanding a business’ attack surface. Platformisation should be at the core of this, enabling them to view their vulnerabilities and manage them through a single pane of glass rather than complicating their defence posture with a variety of cybersecurity vendors.
Scott McKinnon is Palo Alto Networks’ chief security officer for the UK and Ireland.
Read more: Skills shortages aren’t the reason for low AI uptake in the workplace – it’s the AI tools themselves
