This is the third and final post in a series of blog posts about the disconnect between modern IT and security teams and the vendors they’re forced to work with. If you’re looking for the first and second posts, you can find them here and here.

In the rapidly evolving fields of cybersecurity and observability, a significant disconnect threatens to undermine the efficacy and efficiency of teams across the industry: the unsustainable skills challenge. As enterprises find themselves navigating a sea of tools and technologies, the complexity of managing this diverse ecosystem is reaching a critical point. Hiring is difficult already. Stacking a laundry list of esoteric skills on a job description only makes it harder. Let’s look at some of the causes of the skills challenge and peek at some potential remedies.

The Overwhelming Tool Sprawl

First up, tools – or at least the number of them in use. Imagine the daunting task facing security teams today, who, on average, juggle nearly eighty different tools in their arsenal. Each of these tools comes with its own unique language, nuances, and administrative requirements, exponentially compounding the complexity of an already challenging environment. This tool sprawl not only places a heavy administrative burden on teams but also significantly complicates the hiring process.

Vendors, for their part, are pitching consolidation messages. This is a predictable move as it concentrates more power, and contract value, into fewer and fewer vendors. However, companies that are consolidating aren’t saving money, and they aren’t simplifying their skills struggle as these consolidated platforms are often a poorly integrated mix of built and acquired tools, leading to uneven and inconsistent experiences.

The Training Conundrum

Addressing the skills gap through training is a logical step, yet it’s far from a panacea. Training staff on an ever-growing list of tools and technologies delays their operational effectiveness and escalates costs. Moreover, the diverse mix of data and protocol standards—ranging from legacy systems to the latest frameworks—adds another layer of complexity, making it increasingly difficult to ensure staff are equipped with the knowledge and skills needed to navigate this labyrinth.

The Standards Struggle

The struggle with data standards further exacerbates the issue. The inconsistency in support for various standards across tools means that teams often find themselves wrestling with data formatting and interoperability issues. This not only drains valuable time but also contributes to staff burnout, as the constant battle with incompatible standards and incomplete protocols becomes a source of frustration and inefficiency.

We see this today with OpenTelemetry. The standards have taken so long to produce that vendors have implemented OpenTelemetry to their own interpretation of the draft standards. This means that, while standards exist, the implementation of those standards varies widely across vendor products and platforms.

The “Box of LEGOs” Approach

Many vendors adopt a modular approach to their products, likening them to a “box of LEGOs” that users can piece together to create custom solutions. While this may appeal to data engineers and integrators, it presents a cumbersome and impractical challenge for IT and security professionals. This fragile approach places enterprises just one step away from potential downtime on mission-critical systems, highlighting the precarious balance between customization and operational stability.

The Promise and Pitfalls of Automation

Automation, particularly through AIOps, has been heralded as a potential solution to the skills challenge. However, its promise remains largely unfulfilled, with significant gains yet to be realized for teams and hiring managers. The expectation that automation could alleviate the burden of manual tasks and compensate for the skills gap has not materialized as hoped, leaving many to question the feasibility of relying on AIOps as a standalone solution.

Moving Forward

The path forward requires a multifaceted approach. Enterprises must advocate for more intuitive, standardized tools that reduce the learning curve and cognitive overhead. Vendors should strive for greater interoperability and simplicity in their product offerings, moving away from the “box of LEGOs” approach to more holistic, integrated solutions. Meanwhile, the continued exploration of automation and AIOps as part of a broader strategy to augment human capabilities is essential.

In navigating the unsustainable skills challenge, collaboration between vendors, enterprises, and educational institutions will be key. By working together to streamline tools, standardize protocols, and enhance training and support, the industry can begin to close the skills gap, reducing burnout and enabling teams to focus on their core mission: safeguarding and optimizing their digital environments.

If you want to see how Cribl is removing the toil from IT and security operations while making tools easier to use, join us at CriblCon on June 10th in Las Vegas. We’re announcing new products and features, and it’s a chance to connect with the brightest minds in cybersecurity and observability.

Not Vegas bound? No worries – join a webinar, blog or sandbox to learn more about Cribl.

Cribl, the Data Engine for IT and Security, empowers organizations to transform their data strategy. Customers use Cribl’s suite of products to collect, process, route, and analyze all IT and security data, delivering the flexibility, choice, and control required to adapt to their ever-changing needs.

We offer free training, certifications, and a free tier across our products. Our community Slack features Cribl engineers, partners, and customers who can answer your questions as you get started and continue to build and evolve. We also offer a variety of hands-on Sandboxes for those interested in how companies globally leverage our products for their data challenges.