Security News

Manual alert triage costs organizations $3.3 billion annually in the US alone, and security analysts are tasked with the massive undertaking of detecting, investigating and responding to threats as quickly and efficiently as possible while being challenged by an expanding attack surface and thousands of daily security alerts. On average, SOC teams receive 4,484 alerts daily and spend nearly three hours a day manually triaging alerts.

Security leaders are recognizing that cloud and the way cloud security teams work today are becoming increasingly critical to business and IT operations, according to Trend Micro. As a result, cloud security and the foundational practices of their teams will be absorbed into the SOC to increase efficiencies in the coming years.

"Human psychology is important to consider from a security team perspective, because we all have cognitive biases," explains Darley. How can AI help us to overcome these cognitive biases? Machine learning can analyse network traffic and identify anomalies or suspicious behaviour that could indicate a cyber attack.

Shadow AI. Employees are using the new family of generative AI tools like ChatGPT whether they're allowed to or not. To turn AI into a cybersecurity ally, organizations need to update - or perhaps create - action plans to handle the adoption of new, cutting-edge AI tools.

TechRepublic Premium: Mobile device security policy. Purpose: This Mobile Device Security Policy from TechRepublic Premium provides guidelines for mobile device security needs in order to protect businesses and their employees. This policy can be customized as needed to fit the needs of your organization.

Google said it's working with ecosystem partners to harden the security of firmware that interacts with Android. While the Android operating system runs on what's called the application processor, it's just one of the many processors of a system-on-chip that cater to various tasks like cellular communications and multimedia processing.

Enterprises have a limited number of analysts running their security operations centers and are deploying multiple tools in an attempt to address their cloud security challenges, according to ManageEngine. ManageEngine's study has also revealed a surge in cloud adoption, with 72% of respondents using multi-cloud applications and another 5% using hybrid cloud systems.

Up until now, many of these advancements in automation have been focused on response, with SOAR and incident response tools playing an instrumental role in tackling the most urgent phase of the SOC workflow. By breaking down the SOC workflow into phases, it is easy to see more instances where automation can improve the speed and efficacy of security teams.

Gurucul announced the results of a Black Hat USA 2022 security professionals survey, with respondents indicating that insider threats were the most difficult type of attack for SOC analysts to detect, and that behavioral analytics was the most common piece of technology they felt was missing and that they planned to add to the SOC in the near future. The survey also found that a strong majority of respondents feel their SOC programs are improving, but that they need more training, high-level talent in the SOC, better compensation, and more time off.

How secure are the third parties you've entrusted with your data? SOC 2 is a framework that ensures these service providers securely manage data to protect their customers and clients. For security-conscious businesses - and security should be a priority for every business today - SOC 2 is now a minimal requirement when considering a SaaS provider.