Exhibitor Press Releases

18 Jan 2022

The State of SecOps


The research findings reveal that most organisations use and manage automation technologies like SIEM (84%) or SOAR (73%) platforms in-house. These tools are designed to aggregate and analyse threat activity from across the IT environment (SIEM) and automate investigative workflows (SOAR) to make security operations teams more effective.

However, only 16% of respondents said they are confident about having full visibility into alerts. On average, respondents said they miss almost a fifth of alerts.

“SIEM and SOAR tools are not a silver bullet for SecOps and often require more work than IT security buyers realise. If they’re not kept continually fine-tuned and manned by experts, analysts are likely to be overwhelmed by alert volumes, meaning some threats slip through under the radar,” said SOC.OS CEO Dave Mareels. “There’s a tremendous business cost to this, in terms of potential breaches, lost productivity and staff burnout.”

The SOC.OS research found that IT security decision makers are forced to dedicate over eight hours to managing alerts each week. Nearly three-quarters (72%) agreed that this amount of time, and the vicious cycle of firefighting that SecOps teams are forced into, means that analysts aren’t able to use security technology to its full potential.

“Organisations have so many tools, which all produce data that needs to be winnowed down into meaningful bites for investigation. This is a challenge,” Rupert Ogilvie, Senior Consultant at Intergence Systems, adds. “A lot of smaller companies acquire more and more security tools as they grow, and then new regulations kick in, and before they realise it, they have no way to manage all of this security data. There is a real need for organisations to take the complexity out of data analysis so that they can focus on the more important things.”

Over two-thirds of respondents (68%) also agreed that increased workload and stress, combined with insufficient resources, lead to frequent staff burnout in SecOps. That said, if they had the opportunity to start again from scratch, nearly half (46%) of security leaders would still build their SecOps function starting with the technology, rather than focussing on people, process and culture.

“I always preach the four pillars of security: tech, people, process and culture. If I was to rank these in order, I'd say culture and people are a joint first priority and only then should you consider technology and process as secondaries,” said Mareels.

“It’s sad that so many infosec leaders focus primarily on technology. Have we succumbed so badly to ‘silver bullet’ vendor marketing that we actually believe the hype? Give me a high functioning and motivated team with an average tech stack versus the best tech stack in the world with a burnt out, sub-par functioning team any day of the week.”

The study also revealed that the vast majority (79%) of respondents are covered by cyber-insurance. However, nearly two-fifths (37%) admitted that they don’t fully understand the scope of coverage, which could lead to a false sense of security.
