Data breaches continue to plague businesses as security operations (SecOps) teams and centers fail to protect against many kinds of risks. Micro Focus released its 2019 State of Security Operations Update, which revealed that while data breaches have increased more than 50 percent since last year, businesses struggle to recruit talented security professionals and to invest in good SecOps practices.
“With 4.1 billion compromised records exposed in more than 3,800 publicly disclosed breaches in just the first six months, 2019 is on course to be a record-setting year for data breaches,” said Michael Mychalczuk, director of product management for security operations at Micro Focus. “Our assessment of top-performing SOCs [Security Operations Centers] reflects that, as with any challenge, you should start with the basics. Establish a strong foundation with a proven security information and event management (SIEM) system, well-trained people, standardized processes, and clear business alignment.”
According to the report, while 67 percent of IT professionals believe a SOC is essential to an overall cybersecurity strategy, 58 percent of respondents stated the lack of skilled staff was a top barrier to SOC excellence. Additionally, because of the pressure to bring down costs, 60 percent of SOCs outsource their SecOps functions. Micro Focus explained that these challenges need to be addressed quickly, before hackers get more sophisticated and break through an organization’s layers of security.
The report stated the four essential components of successful SecOps include business alignment, people, processes, and technology. These components can be implemented by:
- Providing career development opportunities, training, certification and support
- Demonstrating value of work through documentation and reporting
- Establishing an adaptable, integrated process and procedure management system
- Identifying relevant security use cases and selecting the right tools to meet those use cases
- Aligning security staff with business goals, defining a mission and communicating it frequently
“As threats evolve, so too must cyber defense capabilities. Looking to the future, organizations must begin building next-generation SOCs. These mature SOCs will employ an arsenal that will not only include core capabilities such as log and security event management, but will also integrate threat hunting, AI and ML, UEBA [User and Entity Behavior Analytics], SOAR [Security Orchestration, Automation and Response] and other advanced technologies that will close defensive gaps and improve efficiency in detection, investigation and response,” Micro Focus wrote in a statement.
Other characteristics of top-performing SOC teams include top-down commitment, discipline, investment in talent, validation, and alignment with IT.