Deepwatch Report: IT Security Pros Say Alert Noise Compromises Response to Disruptive Cyber Threats

TAMPA, Florida–(BUSINESS WIRE)–Deepwatch, the leader in advanced managed detection and response (MDR) security, today released the State of the Modern SOC report. Recent research by Deepwatch found that most IT security professionals believe they could have prevented cyber events from impacting their business if they had been equipped with better response capabilities. Many are looking for more automation and less alert noise to shorten response times.

The report found that 85% of IT security professionals experienced preventable business impacts resulting from insufficient response procedures, while 97% said more accurate alerting would increase their confidence in automating threat response actions. More than 300 security professionals, working in US organizations with 1,000 or more employees, were interviewed by Dimensional Research for this report.

“Stronger detection paves the way for reliable automated response and rapid, effective containment of cyber threats,” said Wesley Mullins, chief technology officer at Deepwatch. “Modern Security Operations Centers (SOCs) must be equipped with high-fidelity alerts, which include appropriate contextualization and correlation to provide as clear a picture of the threat as possible. Not only does this allow analysts to work better, but it also opens up the possibility of implementing automated response actions that block threats with speed and precision. The key is confidence in detection.”

Almost all (93%) security professionals strive to reduce response times, and even more (99%) think they need more automation or want to know more about automating the response to security incidents in their organizations. Automation would greatly benefit resource-strapped organizations. The study found that 38% of security teams in enterprises with more than 1,000 employees still lack the resources to provide 24/7 SOC coverage; of these, 30% have SOC coverage only during business hours and 8% have no SOC.

“Traditionally, SOCs only existed in large enterprises, which have ample resources of sophisticated security teams. Today, even the smallest enterprises recognize the need for 24/7/365 monitoring given today’s threat landscape,” Mullins said. “Unfortunately, threat actors do not observe business hours and can harm any organization, anywhere in the world, including unintended targets.”

Of the 85% of security professionals who reported preventable business impacts due to insufficient response, 63% reported blocked access to their systems resulting in downtime, and 47% reported a negative impact on the customer experience.

Mullins added, “With the rise of ransomware and critical infrastructure attacks, we all know that cyber incidents can have very disruptive impacts on operations. This can certainly harm a company’s internal productivity and revenue, but in the case of critical infrastructure, these attacks can have far more troubling consequences. No one can prevent 100% of threats from entering their environment. So it’s equally important to have proven detection and response programs to stop threats before they can actually damage the business or shut down operations. Automating response and partnering with a trusted vendor to manage detection and response are two paths to faster threat containment.”

To read the full report, please visit

About Deepwatch

Deepwatch is the leader in managed security services, protecting organizations against ever-growing cyber threats 24/7/365. Powered by Deepwatch’s cloud-based security operations platform, Deepwatch provides the industry’s fastest and most comprehensive detection and automated response to cyber threats, as well as personalized advice from dedicated experts to mitigate the risks and measurably improve the security posture. Hundreds of organizations, from the Fortune 100 to midsize enterprises, trust Deepwatch to protect their business. Visit to learn more.
