Sisyphus might be the official mascot of security operations.
Sixty-three percent of respondents to a recent ESG survey of 406 IT and cybersecurity professionals say that security operations is more difficult today than it was two years ago. Why?
- 41% of survey respondents point to the rapidly evolving and changing threat landscape, which is forcing SOC teams to keep up with cyber threat intelligence analysis, monitor the latest indicators of compromise, and understand the tactics, techniques, and procedures of cyber adversaries.
- 35% cite the increased volume of security data that is collected and processed. I’m not surprised by this. In my experience, many organizations underestimate the resources, skills, and time necessary to manage the security data pipeline … and it is catching up with them.
- 34% say the volume of security alerts has increased over the past two years. As security alert volume escalates, it exposes other security operations issues like a reliance on manual processes and point tools.
- 30% say that growth in the attack surface increases the workload on the SOC team.
It’s also important to remember that these security operations challenges are exacerbated by the ongoing cybersecurity skills shortage, as there just aren’t enough skilled bodies to throw at problems.
Trying to get off this security operations treadmill, many organizations are looking for help from the public cloud: 41% of organizations say that they now prefer cloud-based security analytics/operations technologies, while another 17% are willing to consider cloud-based security analytics/operations technologies on a case-by-case basis.
How cloud-based technologies can help
Traditional security analytics and operations platform architectures rely on racks of servers and storage devices while generating a lot of network traffic. This means upfront capital costs, engineering, deployment, customization, system tuning, and so on. All that goes away when an organization points its security telemetry toward the cloud. This is also known as “lift and shift,” or the “dumb cloud.”