Tackling the Unsustainable Skills Challenge in Cybersecurity and Observability

May 15, 2024
Written by
Nick Heudecker's Image

Nick Heudecker leads market strategy and competitive intelligence at Cribl. Prior to join... Read Moreing Cribl, he spent over seven years as an industry analyst at Gartner, covering the data and analytics market. With over twenty years of experience, he has led engineering and product teams across multiple successful startups in the media and advertising industries. Read Less

Categories: Learn

This is the third and final post in a series of blog posts about the disconnect between modern IT and security teams and the vendors they’re forced to work with. If you’re looking for the first and second posts, you can find them here and here.

In the rapidly evolving fields of cybersecurity and observability, a significant disconnect threatens to undermine the efficacy and efficiency of teams across the industry: the unsustainable skills challenge. As enterprises find themselves navigating a sea of tools and technologies, the complexity of managing this diverse ecosystem is reaching a critical point. Hiring is difficult already. Stacking a laundry list of esoteric skills on a job description only makes it harder. Let’s look at some of the causes of the skills challenge and peek at some potential remedies.

The Overwhelming Tool Sprawl

First up, tools – or at least the number of them in use. Imagine the daunting task facing security teams today, who, on average, juggle nearly eighty different tools in their arsenal. Each of these tools comes with its own unique language, nuances, and administrative requirements, exponentially compounding the complexity of an already challenging environment. This tool sprawl not only places a heavy administrative burden on teams but also significantly complicates the hiring process.

Vendors, for their part, are pitching consolidation messages. This is a predictable move as it concentrates more power, and contract value, into fewer and fewer vendors. However, companies that are consolidating aren’t saving money, and they aren’t simplifying their skills struggle as these consolidated platforms are often a poorly integrated mix of built and acquired tools, leading to uneven and inconsistent experiences.

The Training Conundrum

Addressing the skills gap through training is a logical step, yet it’s far from a panacea. Training staff on an ever-growing list of tools and technologies delays their operational effectiveness and escalates costs. Moreover, the diverse mix of data and protocol standards—ranging from legacy systems to the latest frameworks—adds another layer of complexity, making it increasingly difficult to ensure staff are equipped with the knowledge and skills needed to navigate this labyrinth.

The Standards Struggle

The struggle with data standards further exacerbates the issue. The inconsistency in support for various standards across tools means that teams often find themselves wrestling with data formatting and interoperability issues. This not only drains valuable time but also contributes to staff burnout, as the constant battle with incompatible standards and incomplete protocols becomes a source of frustration and inefficiency.

We see this today with OpenTelemetry. The standards have taken so long to produce that vendors have implemented OpenTelemetry to their own interpretation of the draft standards. This means that, while standards exist, the implementation of those standards varies widely across vendor products and platforms.

The “Box of LEGOs” Approach

Many vendors adopt a modular approach to their products, likening them to a “box of LEGOs” that users can piece together to create custom solutions. While this may appeal to data engineers and integrators, it presents a cumbersome and impractical challenge for IT and security professionals. This fragile approach places enterprises just one step away from potential downtime on mission-critical systems, highlighting the precarious balance between customization and operational stability.

The Promise and Pitfalls of Automation

Automation, particularly through AIOps, has been heralded as a potential solution to the skills challenge. However, its promise remains largely unfulfilled, with significant gains yet to be realized for teams and hiring managers. The expectation that automation could alleviate the burden of manual tasks and compensate for the skills gap has not materialized as hoped, leaving many to question the feasibility of relying on AIOps as a standalone solution.

Moving Forward

The path forward requires a multifaceted approach. Enterprises must advocate for more intuitive, standardized tools that reduce the learning curve and cognitive overhead. Vendors should strive for greater interoperability and simplicity in their product offerings, moving away from the “box of LEGOs” approach to more holistic, integrated solutions. Meanwhile, the continued exploration of automation and AIOps as part of a broader strategy to augment human capabilities is essential.

In navigating the unsustainable skills challenge, collaboration between vendors, enterprises, and educational institutions will be key. By working together to streamline tools, standardize protocols, and enhance training and support, the industry can begin to close the skills gap, reducing burnout and enabling teams to focus on their core mission: safeguarding and optimizing their digital environments.

If you want to see how Cribl is removing the toil from IT and security operations while making tools easier to use, join us at CriblCon on June 10th in Las Vegas. We’re announcing new products and features, and it’s a chance to connect with the brightest minds in cybersecurity and observability.

Not Vegas bound? No worries – join a webinar, blog or sandbox to learn more about Cribl.



Cribl, the Data Engine for IT and Security, empowers organizations to transform their data strategy. Customers use Cribl’s suite of products to collect, process, route, and analyze all IT and security data, delivering the flexibility, choice, and control required to adapt to their ever-changing needs.

We offer free training, certifications, and a free tier across our products. Our community Slack features Cribl engineers, partners, and customers who can answer your questions as you get started and continue to build and evolve. We also offer a variety of hands-on Sandboxes for those interested in how companies globally leverage our products for their data challenges.

Feature Image

Cribl Packs a Punch: Unpacking the Integration with Microsoft Azure Sentinel with Cribl Source and Destination Packs

Read More
Feature Image

Finding a Better Way to Work in the Cloud!

Read More
Feature Image

RSAC 2024: New Alliances, Integrations, and Helping Customers Transform their Data Management Strategy

Read More

Try Your Own Cribl Sandbox

Experience a full version of Cribl Stream and Cribl Edge in the cloud with pre-made sources and destinations.


So you're rockin' Internet Explorer!

Classic choice. Sadly, our website is designed for all modern supported browsers like Edge, Chrome, Firefox, and Safari

Got one of those handy?