2nd Edition

Tracking the trends and news for IT and IT Security

Paul

ESG: 4 reasons why SecOps is still pretty difficult

ESG: 4 reasons why SecOps is still pretty difficult
– Lacework Editorial
Over the years, new cloud security tools have helped teams rein in the chaos.In fact, according to a recent Enterprise Strategy Group (ESG) survey on cloud detection and response (CDR) , 51% of respondents indicated that SecOps is either as complicated or more complicated than it was 24 months ago.Because complex cybersecurity tools and processes require a heavy dose of manual lift, which can make SecOps teams feel like they’re always catching up from behind.Sophisticated social engineering, spear phishing, ransomware, and zero-day exploits make it harder for security teams to detect and respond to threats using manual processes.A recent study reported security teams receive 500 or more per day, fueled by multiple disparate security tools.Then, when you add in the relatively low barrier to entry in spinning up cloud environments, it’s easy to understand why SecOps teams feel overwhelmed.More security tools could actually mean more risk In the ESG report, 28% of respondents indicated that security gaps caused by disparate tools and processes were a major source of SecOps pain.And, as the ESG survey data suggests , even with multiple solutions in place, organizations can’t easily detect or respond to threats or attacks in time to prevent incidents or efficiently respond to mitigate their impact.With proper security monitoring, SecOps teams can prioritize risk, communicate effectively across teams, and gain control over cloud environments.According to the ESG report, 26% of respondents cited difficulty developing security rules in a timely manner as a source of SecOps frustration.Even if security teams had ample time to maintain rules (which they don’t), leaders need to ask themselves if this is an effective use of time, given the limitations of tracking threats with rules and signatures — especially if more scalable methods exist, like anomaly-based threat detection.With Lacework, teams can consolidate tools, eliminate gaps, scale security operations up or down with ease, and even eliminate the need for rules.
Link: https://www.lacework.com/blog/esg-4-reasons-why-secops-is-still-pretty-difficult/

Categories:

Tags: