CyberRes, a Micro Focus line of business, today published its annual State of Security Operations report, which provides insights into how enterprises are utilizing security operations to modernize their business, secure the digital value chain and systematically address modern threats to achieve greater enterprise resiliency. Overall, the report found that the increased adoption of advanced security technologies and hybrid-cloud deployments was primarily driven by the need to navigate and manage an increasingly complex and expanding attack surface due to rapid workforce transformation driven by the COVID-19 pandemic.
The CyberRes 2021 State of Security Operations report offers a close look at the changes, trends, challenges, and strategies of security operations (SecOps) teams around the globe. The survey behind the report specifically references the experiences of over 500 security operations managers, executives, and decision makers from around the world, and aims to provide implications and real insights to CISOs, CIOs, and other IT leaders to better secure their enterprises.
The report highlights the fact that in India, 96% of enterprises have increased their budget investment in security operations during the COVID-19 pandemic, 86% have increased their staffing and 91% have increased their adoption of advanced security technologies. The key reason cited for the increased investment was to address the complexity, scale, and impact to business operations through the rapidly growing attack surface, as the result of rapid workforce transformation. Along those same lines, security operations centers (SOCs) have increased their adoption of the cloud, with 95% now deploying their solutions in hybrid-cloud environments, a radical adoption rate fueled by the need to better manage security operations.
The report also identifies the top challenges faced by Indian cybersecurity operations team in 2021. It details that SOCs are facing maximum complication while monitoring security across a growing attack surface, expanding workloads to cloud and hybrid environments, finding time for strategy and process improvement, and experiencing alert fatigue.
“As we move ahead in the digitally accelerated world, organizations have realized the importance of deploying a strong cyber resilience framework to navigate through the threat landscape. The State of Security Operations Report depicts the increased adoption of cloud and technologies like AI/ML and automation by SOCs for enhanced SecOps capabilities. Ensuring the security of data, applications, and identities is now a matter of boardroom importance,” said Praveen Patil Kulkarni, Country Manager – Security Risk & Governance at Micro Focus. “SOCs are integrating resilience underscores to secure the entire digital value chain. We at Micro Focus, strive to empower our customers be cyber-first in their digital journey.”
“The State of Security Operations report depicts a clearly defined pivot on how cyber plays a role in driving business modernization, securing the digital value chain and driving digital transformation,” said Mark Fernandes, Global CTO, CyberRes. “SOCs of the future need to be resilient in combatting modern AI-led adversaries that do not rely on techniques of the past. The report shows that we are moving into an era of highly intelligent, counter-adversary centers that move the human analyst to the center of creative interpretation of threats, where machines assist in countering modern threat actors using ML, automation, cognitive and AI.”
Key CISO Insights
Key CISO highlights from the report include:
- SOC business prioritization: 51% of respondents stated that they are prioritizing efforts to build repeatable processes backed by Priority Intelligence Requirements (PIRs), rather than relying on generalized vendor-provided scoring, to align their SOCs with threat intelligence and better secure the value chain
- SOC in an era of COVID: 85% of respondents increased monitoring controls as a response to COVID-related workforce transformation, as well as complex remote and SASE access requirements.
- Growing Complexity driving SOC priorities: 40% of respondents indicated that the primary challenge facing their current security operations teams is their struggle to address an increasingly complex attack surface.
- Modern adversaries are out-innovating traditional SOCs: 79% of respondents say their SOCs were required to increase adoption of advanced security technologies during COVID-19 to combat evolving threats. 36% of respondents indicated that, over the next 12 months, they are planning to adopt techniques powering resilient Security Operations, which are designed to address modern adversaries and threat actors. These techniques include signals, shellcode, and dynamic malware analysis, as well as more advanced end point, hunt, and response capabilities.
- Continuous readiness: 93% of respondents stated that red teaming (i.e., simulating the actions of an adversary) was essential to their security operations, with 72% conducting red teaming exercises at least twice per year to encourage constant vigilance.
Key India insights:
- 97.50% respondents have increased the adoption of cloud-based cybersecurity solutions and 88.8% respondents have increased the adoption of a zero-trust policy
- 62.5% of the respondents have already adopted automated threat intelligence platform(s)
- 58% organizations consider improving detection of advanced threats as the primary role for automation, machine learning, and cognitive security technologies (including deep learning) playing in your cyber operations
- 86% of companies in the United States and India have hired more staff for security operations