One Article Review

Source CSO
Identifier 7317314
Publication date 2022-10-06 02:00:00 (seen: 2022-10-06 10:07:37)
Title 5 reasons why security operations are getting harder
Text Recent ESG research reveals that 52% of security professionals believe security operations are more difficult today than they were two years ago. Why? Security operations center (SOC) teams point to issues such as:

A rapidly evolving and changing threat landscape: Forty-one percent of security professionals find it difficult to understand and counteract modern threats like ransomware or supply chain attacks and then build this knowledge into a comprehensive security operations program. Most react to threats and indicators of compromise (IoCs) rather than study cyber-adversaries and plan ahead.

A growing attack surface: This issue came up with 39% of respondents, but attack surface challenges are no surprise. Other ESG research indicates that the attack surface is growing at two-thirds (67%) of organizations, driven by third-party IT connections, support for remote workers, increased public cloud usage, and adoption of SaaS applications. A growing attack surface means more work, vulnerabilities, and blind spots for SOC teams. Little wonder then why 69% of organizations admit to a cyber-incident emanating from an unknown, unmanaged, or poorly managed internet-facing asset.

The volume and complexity of security alerts: We've all heard about “alert storms” and “alert fatigue.” Based on the ESG data, these conditions aren't just marketing hype, as 37% of SOC teams say that alert volume and complexity is making security operations more difficult. It's easy to understand this one: Imagine viewing, triaging, prioritizing, and investigating a constant barrage of amorphous security alerts from a variety of different detection tools and you'll get the picture. Seems overwhelming but that's the reality for level 1 SOC analysts at many organizations.

Public cloud usage: Beyond just expanding the attack surface, more than one-third (34%) say that security operations are more difficult as a direct result of growing use of the public cloud. This is not just a numbers game. Securing cloud workloads is difficult due to multi-cloud deployment, ephemeral cloud instances, and developer use of new cloud services that security teams may be unfamiliar with. Chasing cloud evolution and associated software developer whims has become part of the job.

Keeping up with the care and feeding of security technologies: More than half (54%) of organizations use more than 26 different commercial, homegrown, or open-source tools for security operations. The burden of managing and maintaining all these disparate technologies alone can be difficult. This is one reason why many firms are replacing on-site security tools with cloud-based alternatives.

Growing scale complicates security operations

In analyzing this data, it's easy to see a common theme across these different responses – scale. Everything is growing – threats, IT, alerts, tools, everything. The research illustrates the fact that we don't have the people, processes, or technologies to keep up with these scaling needs.
Sent Yes
Tags Ransomware Threat


The article does not appear to have been picked up after its publication.


The article does not appear to be a pick-up of an earlier one.