How to Value Your Time as a Cyber Pro

Contributing Writer

If you search for ”What does a cybersecurity specialist do?”, the answer will almost certainly include key aspects of your role. For example: developing, testing, analyzing, and implementing security systems, responding to threats and attacks, developing threat prevention strategies, and reporting to your team and the business.

What it won’t talk about are all the routine jobs that get in the way of more important tasks and take far more time than they should, such as patch management, checking system configurations, working with multiple consoles, dealing with employee mistakes, and teaching good cyber hygiene. 

As many of these jobs can now be automated, how can you build a convincing case to get more time for tasks with the greatest value rather than jobs you simply have to get done?

Here are five easy ways to justify the tools you need to improve your working day, career prospects, organizational security, and more.

Your Salary

It may seem obvious, but as a cyber pro you’re a valuable resource. According to one source in April 2021, the typical salary range for an IT Security Specialist was $103,944–$123,648. The average was $113,558.1

Assuming you work a 40-hour week and receive 25 days of paid holiday a year, this equates to around $60 for every hour you’re actually working. But how many hours are spent on tasks that should be below your pay grade? And what percentage of your time do they take up? If you’re spending 10% of your time on routine tasks, that’s at least $10,000 that could have been invested in tools that free up your time, help you be more productive, and deliver greater business value.

The Costs of a Data Breach 

In a recent report by Kaspersky, they found the average financial impact of a data breach on small and medium businesses was $101,000.2 For an enterprise it was $1.09 million. Another Kaspersky study found that speed of response was vital.3 For successful attacks, financial losses were 32% lower if the breach was responded to in less than a week, but rose to $118,000 and $1.34 million respectively for responses taking more than a week. This easily justifies the cost of tools that support rapid threat detection and response initiatives.

Your CISO’s #1 Priority

In a third Kaspersky report, when asked “How is your performance in your role measured (KPIs)?”, the top answer was “Quality and speed of incident response handling.” Of those surveyed, 76% of CISOs mentioned KPI.4 This answer was ahead of compliance track record (59%), reduction of incidents year-on-year (52%), and overall number of incidents (51%).

Your CISO wants you to respond to security incidents as quickly and effectively as possible—another excellent justification for having the best available tools.

The Cybersecurity Workforce Gap

In many disciplines, if a team or individual has insufficient time or skills for the work they need to do, they’ll look to recruit additional talent. 

Unfortunately, according to (ISC)2, 64% of respondents reported a shortage of dedicated cybersecurity staff, and 56% said this put their organization at risk.5 The report estimated the cybersecurity workforce gap (the difference between the number of skilled professionals that organizations need to protect their critical assets and the actual capacity available to take on this work) to be 3.1 million cybersecurity specialists worldwide.

If a business can’t recruit its way out of the cybersecurity talent shortage, then this is a very strong case for maximizing the resources it already has. This starting point for which should be to stop doing unnecessary tasks. Spend saved time on upskilling and certification so you’re ready to take on increasingly advanced IT security tasks and roles.

The Tools Are Out There

Although endpoint detection and response (EDR) has something of a checkered history in terms of being difficult to use, the latest generation of products can integrate with your existing endpoint security—and be as easy to use. They can also incorporate a high level of automation for many routine tasks, and help you address a variety of issues around IT security infrastructure complexity. 

Meanwhile, managed detection and response (MDR) allows you to offload particularly taxing tasks like detection, threat hunting, and incident investigation. It also lets you receive guided response scenarios and advanced, round-the-clock protection against threats that can otherwise bypass your traditional security barriers.

Using these tools can make you more efficient by focusing your time on critical tasks that really demand your involvement. They also help you leverage advanced models to significantly increase analyst throughput and minimize mean-time-to-respond. Not only that, implementing them will help you deliver even better value as a cyber pro, significantly reduce the risks of a costly data breach, pressure management to recruit hard-to-find staff, and keep your CISO happy by helping them deliver their #1 KPI. 

Need Help?

Whether you want to strengthen your internal defenses or combat the latest threats with expert external guidance, Connection can help. We also offer cloud-enabled Kaspersky Optimum Security so that you can be protected from old, current, new, unknown, and evasive threats—all without prohibitive costs or complexity. Contact an Account Manager for more information at 1.800.800.0019.

1, 2021, IT Security Specialist Salary
2 Kaspersky, 2020, IT Security Economics 2020: Part 2
3 Kaspersky, 2020, Incident Response Analyst Report
4 Kaspersky, 2018, What it takes to be a CISO: Success and leadership in corporate IT security
5 (ISC)2, 2020, Cybersecurity Workforce Study