Reimagining the SOC: A Lesson From the Military on 9/11
To sustain the fight against a decentralized global enemy in cyberspace, the modern SOC must engage in a change management experiment to become more agile.
The worst of the COVID-19 pandemic may be behind us, but its impact on the global cybersecurity workforce will force many enterprises to consider Managed Detection and Response (MDR) services.
“The cybersecurity workforce shortage is not going away,” according to ISACA’s State of Cybersecurity 2022 report. “It appears to be getting worse, perhaps influenced by job seekers considering flexible working hours a major factor in stay-or-go decisions.”
The Great Resignation of 2021 has given way to what ISACA calls “an intense battle for talent” in the cybersecurity community, with 60 percent of enterprises across the globe experiencing difficulty retaining qualified talent, according to the ISACA report.
Demands for better work-life balance, significant resistance to returning to physical office space, and high wage expectations signal a much longer-term workforce struggle than previously anticipated.
Nearly half (46%) of the 2,031 global respondents in the ISACA survey reported having a security staff of just two to 10 individuals. In-house staff fully manage approximately half of their five major security functions (identify, protect, detect, respond and recover), with most of the remainder partially outsourced.
The findings from the ISACA report indicate that staffing levels, retention, and cyberattacks are interrelated. “Sixty-nine percent of respondents whose organizations experienced more cyberattacks in the past year report being somewhat or significantly understaffed,” the report states.
“Similarly, 70 percent of respondents whose organizations experienced more attacks indicate their employers experienced difficulties retaining qualified cybersecurity professionals, up seven percentage points from last year.”
The top security skills in demand this year include:
For security teams struggling with staffing shortages, alert fatigue, and a pressing need to streamline operations, Managed Detection and Response (MDR) services are an efficient and effective way to improve an organization’s security posture while freeing up analysts to focus on strategic priorities.
Cybereason MDR not only provides 24/7 monitoring, elite threat hunting experts, the industry-leading Cybereason Defense Platform, and an array of other services, but it also brings to bear proprietary technology that enables Cybereason to detect a threat in less than 1 minute, triage the threat in less than 5 minutes, and remediate it in less than 30 minutes.
Cybereason MDR positions your security team with a future-ready posture designed to not only detect and remediate today’s threats but ensure protection against tomorrow’s attacks.
Other tangible business benefits include:
Defenders can also leverage the Cybereason Mobile App to get instant access to their MDR dashboards, approve remediation actions, and communicate with our Global SOC Team from any authorized mobile device. Defenders can take immediate action by launching remediation actions for ongoing threats. This reduction in latency significantly reduces an adversary’s lateral movement and can prevent an attack from turning into a breach.
Contact a Cybereason Defender to learn more about how Cybereason MDR delivers prevention, detection, and response capabilities as a service, enabling us to uncover the most sophisticated and pervasive threats without having to manage them yourself.
Dan Verton is Director of Content Marketing at Cybereason. Dan has 30 years of experience as a former intelligence officer and journalist. He is the 2003 first-place recipient of the Jesse H. Neal National Business Journalism Award for Best News Reporting – the nation’s highest award for tech trade journalism and is the author of the groundbreaking work, Black Ice: The Invisible Threat of Cyber-Terrorism (McGraw-Hill, 2003). He most recently served as an intelligence advisor and co-author of a nationwide TSA anti-terrorism awareness training program.
All Posts by Dan Verton
To sustain the fight against a decentralized global enemy in cyberspace, the modern SOC must engage in a change management experiment to become more agile.
The challenges faced by SOCs—workforce shortages, lack of visibility, tool sprawl and alert overload—will likely result in increased adoption of Managed Detection and Response (MDR) services and and Extended Detection and Response (XDR) solutions...