According to the 2022 IBM Cost of a Data Breach Report, the global average cost of a data breach is $4.35 million. Data breaches in the US are even more costly, averaging over $9 million. However, it isn’t just the big players caught in the line of fire. IBM’s report also found that 83% of companies will experience a data breach soon, meaning financial institutions of all sizes — from local credit unions to Fortune 500s — are at risk.

SIEMs have come a long way since they first debuted in the security operations center (SOC) well over a decade and a half ago. Today, next-gen SIEMs are far more advanced than early systems, which merely gathered and logged data from different sources. Now, SIEM software can deliver comprehensive insight into network security and data protection by looking for anomalous activity that could indicate compliance, performance and security issues.

Many automation tools, such as SOAR, suffer from an ironic Catch-22: you know that automation will save your team huge amounts of time, but it’s difficult to implement and requires skills you don’t necessarily have in-house. Essentially, you can’t afford the tools that will save you money. Ay, there’s the rub! You may have seen tools promising “no-code” capabilities with intuitive GUIs that help non-programmers build abstract functions.

The SOC is changing. And to keep cybercriminals from wreaking havoc, security teams must mature their security operations to derive more value from the systems, tools, and data at their disposal. To do so, organizations are increasingly automating more SOC tasks and have long-term plans to build autonomous SOCs to augment their security analysts.

It’s an ever-changing and ever-evolving threat landscape out there today. Bad actors are smarter, more sophisticated, and better at evading detection. Security teams are also facing a barrage of overwhelming information, continually expanding the stream of alerts that must be reviewed, triaged and investigated.

Devo recently announced that it has entered into a strategic collaboration agreement with Amazon Web Services (AWS). This is a significant milestone for Devo and great news for our mutual customers with AWS. We caught up with Tony Le, cloud partnerships director, to take a deeper dive into what this means and how the collaboration will benefit our users in the long run.

Security teams need the ability to model their complex organizations by splitting data across multiple tenants while maintaining complete visibility throughout the entire infrastructure. At the same time, they must keep data segregated to maintain security and meet data residency and compliance requirements.

The Russian cyberattacks against the U.S. are ramping up in scope and volume. Last month, a hacking group claimed credit for cyberattacks hitting more than a dozen U.S. airports’ websites, temporarily rendering parts of the sites inaccessible to the public. State-sponsored actives in non-war conditions expend exorbitant efforts to disguise themselves to prevent attribution. They also purposefully limit the scope of their attacks.

The disparities in some key areas in our 2022 Devo SOC Performance ReportTM provide clear evidence that the issues facing organizations since the start of the global pandemic in early 2020 continue to affect SOC performance, especially in the areas of hiring and retaining SOC talent.

The fourth annual Devo SOC Performance ReportTM shows security professionals believe the SOC is significant to their organization’s cybersecurity strategy. As noted in our last blog, 77% of respondents say their SOC is “very important” or “essential” to their organization. But there’s pain behind the scenes as well. The report notes the majority of security professionals are feeling overwhelmed due to too much work and not enough resources.