LATEST INTELLIGENCE
struggle with disconnected point tools, manual processes, and a global cybersecurity skills shortage.
The security data pipeline continues to grow in volume and complexity. Nearly one-third of organizations collect substantially more data to support cybersecurity analytics and operations today than they did 2 years ago, while more than half are retaining data online for longer periods of time than in the past.
Evolving from SIEM to SOAPA. Seventy percent of organizations have a security event and information management (SIEM) system in place, and use SIEM for monitoring the security of cloud-based workloads, detecting known cyber-attacks, and producing reports for regulatory compliance.
Staffing and skills shortages lead inevitably to managed services. Three-quarters of respondents agree that the cybersecurity skills shortage has impacted their organization’s security analytics and operations effectiveness and 70% say it is difficult to recruit and hire additional SOC staff.
SOCs will have a “cloudy” future. Many organizations are moving on from on-premises security analytics and operations technologies, as more than half now prefer cloud-based security analytics/operations solutions or would consider cloud-based security analytics/operations solutions on a case-by-case basis. Some will “lift and shift” on-premises tools to the cloud, some will replace on-premises tools with cloud-based alternatives, and some will supplement on-premises SOC technologies with additional cloud-based tools.
Organizations are incorporating machine learning and automation/orchestration into their technology plans. More than half of organizations are adopting technologies featuring security analytics machine learning algorithms while nearly two-thirds are utilizing new technologies for process automation/orchestration.
Download whitepapers free from www.intelligentcio.com/me/whitepapers/
INTELLIGENTCIO