The scourge of ransomware directly impacts the investment decisions organizations make to modernize their Security Operations Centers (SOCs), according to a new global research study conducted by Cybereason.
The new study, Ransomware and the Modern SOC: How Ransomware is Driving the Requirements for SOC Modernization, is the result of a global survey of 1,203 security professionals from eight countries and a dozen industries. More than 58% of respondents said their SOC spends most of its time responding to ransomware and supply chain attacks that often lead to ransomware incidents. As a result, their modernization plans are now focused across four specific areas:
- 38% — Plan to deploy new detection capabilities with better detection efficacy.
- 31% — Need better visibility into the full attack story.
- 31% — Are looking for ways to augment staffing and contract for managed services, and
- 29% — Said ransomware has increased their need for better automation and faster response.
SOCs of all sizes and levels of sophistication are in a constant stranglehold stemming from workforce shortages, lack of visibility and automation, tool sprawl, and alert overload. The status quo of constantly battling to stay ahead of adversaries, show a return on security investments, and ensure that hard-to-come-by staff is not overworked to the point of burnout is untenable.
Building, modernizing, or operating a SOC are evolutionary processes that change as the business, its needs, and the threat landscape change. The trajectory for the post-COVID era SOC is clear: The modern SOC will be a decentralized, capabilities-based organization that leverages industry-leading detection, prevention, visibility, and automation technologies, all of which are often augmented by managed services.
The full report can be found here: Ransomware and the Modern SOC: How Ransomware is Driving the Requirements for SOC Modernization.
Cybereason is dedicated to teaming with defenders to end ransomware attacks on the endpoint, across the enterprise, and everywhere the battle takes place. Learn more about ransomware defense here or schedule a demo today to learn how your organization can benefit from an operation-centric approach to security.