Security News

Processing alerts quickly and efficiently is the cornerstone of a Security Operations Center (SOC) professional's role. Threat intelligence platforms can significantly enhance their ability to do...

Created by John Tuckner and the team at workflow and automation platform Tines, the SOC Automation Capability Matrix (SOC ACM) is a set of techniques designed to help security operations teams...

Threat actors aren't looking for companies of specific sizes or industries, they are looking for opportunities. Given that many companies operate in the dark and overlook breaches until ransomware attacks occur, this makes the threat actors' job easy.

Nine out of 10 security teams are automating at least some of their work, and 93% of respondents believe that more automation would improve their work-life balance. According to the research, overall job satisfaction in the SOC remains high - security teams love the work they do.

The role of the CISO keeps taking center stage as a business enabler: CISOs need to navigate the complex landscape of digital threats while fostering innovation and ensuring business continuity. Three CISOs; Troy Wilkinson, CISO at IPG; Rob Geurtsen, former Deputy CISO at Nike; and Tammy Moskites, Founder of CyAlliance and former CISO at companies like Warner Brothers and Home Depot - shared their perspectives on how to run an effective SOC in 2023.

Manual alert triage costs organizations $3.3 billion annually in the US alone, and security analysts are tasked with the massive undertaking of detecting, investigating and responding to threats as quickly and efficiently as possible while being challenged by an expanding attack surface and thousands of daily security alerts. On average, SOC teams receive 4,484 alerts daily and spend nearly three hours a day manually triaging alerts.

Security leaders are recognizing that cloud and the way cloud security teams work today are becoming increasingly critical to business and IT operations, according to Trend Micro. As a result, cloud security and the foundational practices of their teams will be absorbed into the SOC to increase efficiencies in the coming years.

"Human psychology is important to consider from a security team perspective, because we all have cognitive biases," explains Darley. How can AI help us to overcome these cognitive biases? Machine learning can analyse network traffic and identify anomalies or suspicious behaviour that could indicate a cyber attack.

Shadow AI. Employees are using the new family of generative AI tools like ChatGPT whether they're allowed to or not. To turn AI into a cybersecurity ally, organizations need to update - or perhaps create - action plans to handle the adoption of new, cutting-edge AI tools.

TechRepublic Premium Mobile device security policy PURPOSE This Mobile Device Security Policy from TechRepublic Premium provides guidelines for mobile device security needs in order to protect businesses and their employees. This policy can be customized as needed to fit the needs of your organization.