Security News
Lastly, do something outside of work that encourages team collaboration. With the rise of cloud models and hybrid cloud paradigms, how have the roles of NetOps and SecOps evolved, and what challenges does this pose for team alignment?
Cybersecurity is an infinite journey in a digital landscape that never ceases to change. According to Ponemon Institute, “only 59% of organizations say their cybersecurity strategy has changed...
There is a seemingly never-ending quest to find the right security tools that offer the right capabilities for your organization. As more vendors attempt to challenge the dominant players in the SIEM category, demand is increasing for solutions that offer automation, which can cover 80%, while also offering customization capabilities to cover bespoke use cases - the remaining 20%. With the continual surge in global data creation, organizations are inevitably seeing an uptick in the number of alerts managed by security teams.
According to the surveyed DevOps and SecOps leaders, 97% are using the technology today, with 74% reporting they feel pressure to use it despite identified security risks. While DevOps and SecOps respondents hold similar outlooks on generative AI in most cases, there are notable differences with regards to adoption and productivity.
As attack surfaces expand and applications become more complex, regular pen tests become a crucial component of a strong web application security posture. Pen testing is often conducted periodically, which results in a "security sprint" every time a new test is scheduled.
Security operations teams are spending their days looking for known vulnerabilities and watching for new threats. Once compiled, SecOps can begin to assess security gaps and risks to those operations and combine that with their knowledge of adversaries targeting their company or industry.
Organisations have work to do if they want to attract and retain diverse talent in their security operations teams, according to SOC.OS and Sapio Research. 23% of respondents said they're struggling to incentivise, motivate and retain their SecOps teams.
There is an alternative way for procuring security expertise: by retaining the services of managed security service providers and managed detection and response providers. MSSPs usually assist organizations' IT departments in managing the IT infrastructure and keeping it secure by managing security equipment/systems, monitoring security logs, supervising patch management, and similar preventative security measures.
The goal of any SecOps system is to collect, correlate, and assess data gathered from every corner of the network to detect and investigate anomalous behavior and then respond promptly to thwart an attack before its damage is done. Issues like evolving operational requirements, the rapid expansion of network edges, the recent inversion of the network due to the transition to a remote workforce, and growing compliance requirements are accelerating the volume and velocity of data and overall complexity for SecOps.
Microsoft is updating Microsoft Defender for Identity to allow security operations teams to block attacks by locking a compromised user's Active Directory account. Microsoft Defender for Identity is a cloud security service that leverages on-premises Active Directory signals to detect and analyze advanced threats, compromised identities, and malicious insider activity targeting enrolled organizations.