If you work in an organization, you’ve probably had to take a cybersecurity training course at some point during your time there. Regardless of whether you work in cybersecurity or not, most of us breeze through the slides or videos, halfway listening to the warnings about spear phishing emails and hacking tactics. We complete the training and then we tuck away the lessons learned until the next year when we have to do it all again.
Recently, ThreatQuotient hosted an interactive discussion regarding security orchestration and cyber security automation adoption – what it is, what it’s meant to do, and why it can present a challenge for security teams to set up and maintain. What we heard from attendees was that the most common issues preventing them from integrating some form of security automation into their internal processes are the necessary time and resources.
In the past year, research indicates that nearly a third of organizations have accelerated their plans to automate key security and IR processes, while another 85% plan on automating them in the next 12 months. Despite the positivity of these statistics, many organizations struggle to change to a more automated process. This was highlighted at a recent webinar we held with a panel of senior cybersecurity experts from a multitude of sectors.
“Safe travels!” It’s been a long time since most of us have uttered that phrase. Now we’re saying it with increasing regularity as family members, friends and colleagues are traveling again with greater ease and confidence. I’d like to suggest that when those of us in the security industry wish someone a safe trip, we use the opportunity to remind them of the increased cybersecurity risk they now face and share our expertise for how to protect themselves.
In previous blog posts we’ve discussed the value of a data-driven approach to security operations. In this post, we’d like to reflect and take a closer look at what that approach means to the automation of SOC (Security Operations Center) workflows and how it has influenced the product and design decisions of ThreatQ and ThreatQ TDR Orchestrator.
Today’s escalating threat landscape means that security operations teams face a multitude of challenges. This can make it challenging for them to keep pace with the sheer scale of threats, tactics and techniques that bad actors frequently use. When you consider recent ransomware attack statistics, it is easy to see that cybercrime has intensified, with a record-breaking number of threats of increasing severity taking place year-on-year.
It may surprise you to learn that new research by CompTIA finds only 30% of the cyber workforce is in the 19-34 age group, with 52% between 35 and 54.
According to Joshua Ray, managing director, Global Cyber Defense Lead, Accenture, “Every business is digital now and must adopt a resilient cybersecurity posture to protect their value.
The security landscape is continually changing and the race to stay ahead is often one of both victory and failure. As organizations globally continue to expand, security professionals are struggling to update operations quickly enough to ensure effective monitoring and response to incidents in their environment. The lack of security professionals makes this even more challenging. Patching systems, scanning for vulnerabilities, protecting against malware and viruses are essential and just plain smart.
