Ninety-six percent of enterprises have increased their budget investment in security operations during the Covid-19 pandemic, 86 percent have increased their staffing, and 91 percent have increased their adoption of advanced security technologies, according to the annual State of Security Operations report from CyberRes, a Micro Focus line of business.
The key reason cited for the increased investment was the need to address the complexity, scale, and business impact of a rapidly growing attack surface resulting from rapid workforce transformation. Along those same lines, security operations centers (SOCs) have increased their adoption of the cloud, with 95 percent now deploying their solutions in hybrid-cloud environments, a radical adoption rate fueled by the need to better manage security operations.
The report also identifies the top challenges faced by Indian cybersecurity operations teams in 2021. It details that SOCs face the greatest difficulty in monitoring security across a growing attack surface, expanding workloads to cloud and hybrid environments, finding time for strategy and process improvement, and dealing with alert fatigue.
“As we move ahead in the digitally accelerated world, organizations have realized the importance of deploying a strong cyber resilience framework to navigate through the threat landscape. The State of Security Operations Report depicts the increased adoption of cloud and technologies like AI/ML and automation by SOCs for enhanced SecOps capabilities. Ensuring the security of data, applications, and identities is now a matter of boardroom importance,” said Praveen Patil Kulkarni, Country Manager – Security Risk & Governance, Micro Focus. “SOCs are integrating resilience underscores to secure the entire digital value chain. We at Micro Focus strive to empower our customers to be cyber-first in their digital journey.”
“The State of Security Operations report depicts a clearly defined pivot on how cyber plays a role in driving business modernization, securing the digital value chain and driving digital transformation,” said Mark Fernandes, Global CTO, CyberRes. “SOCs of the future need to be resilient in combating modern AI-led adversaries that do not rely on techniques of the past. The report shows that we are moving into an era of highly intelligent, counter-adversary centers that move the human analyst to the center of creative interpretation of threats, where machines assist in countering modern threat actors using ML, automation, cognitive and AI.”
Key CISO highlights from the report include:
- SOC business prioritization: 51 percent of respondents stated that they are prioritizing efforts to build repeatable processes backed by Priority Intelligence Requirements (PIRs), rather than relying on generalized vendor-provided scoring, to align their SOCs with threat intelligence and better secure the value chain.
- SOC in an era of Covid: 85 percent of respondents increased monitoring controls as a response to Covid-related workforce transformation, as well as complex remote and SASE access requirements.
- Growing complexity driving SOC priorities: 40 percent of respondents indicated that the primary challenge facing their current security operations teams is their struggle to address an increasingly complex attack surface.
- Modern adversaries are out-innovating traditional SOCs: 79 percent of respondents say their SOCs were required to increase adoption of advanced security technologies during Covid-19 to combat evolving threats. 36 percent of respondents indicated that, over the next 12 months, they are planning to adopt techniques powering resilient Security Operations, which are designed to address modern adversaries and threat actors. These techniques include signals, shellcode, and dynamic malware analysis, as well as more advanced endpoint, hunt, and response capabilities.
- Continuous readiness: 93 percent of respondents stated that red teaming (i.e., simulating the actions of an adversary) was essential to their security operations, with 72 percent conducting red teaming exercises at least twice per year to encourage constant vigilance.
Key India insights:
- 97.50 percent of respondents have increased the adoption of cloud-based cybersecurity solutions and 88.8 percent of respondents have increased the adoption of a zero-trust policy
- 62.5 percent of the respondents have already adopted automated threat intelligence platform(s)
- 58 percent of organizations consider improving detection of advanced threats the primary role for automation, machine learning, and cognitive security technologies (including deep learning) in their cyber operations
- 86 percent of companies in the United States and India have hired more staff for security operations