Deepwatch Report: IT Security Professionals Say Alert Noise Undermines Response To Disruptive Cyber Threats
Deepwatch’s State of the Modern SOC report found that 85% of security professionals experienced preventable business impacts as a result of insufficient response procedures.
DENVER, CO. – June 1, 2022 — Deepwatch, the leader in advanced managed detection and response (MDR) security, today released the State of the Modern SOC report. Recent research by Deepwatch found that most IT security professionals believe they could have stopped business-impacting cyber events if equipped with better response capabilities. Many seek more automation and less alert noise to shorten response times.
The report found that 85% of IT security professionals have experienced preventable business impacts resulting from insufficient response procedures, while 97% said that more accurate alerting would increase their confidence in automating threat response actions. More than 300 security professionals, working at U.S. organizations with 1,000 or more employees, were surveyed by Dimensional Research for this report.
“Stronger detection paves the way for trustworthy automated response and fast, effective containment of cyber threats,” said Wesley Mullins, chief technology officer at Deepwatch. “Modern security operations centers (SOCs) should be equipped with high-fidelity alerts that include proper contextualization and correlation to provide as clear of a picture of the threat as possible. Not only does that enable analysts to work better, but it also unlocks the ability to implement automated response actions that stop threats with speed and precision. The key is confidence in the detection.”
Almost all (93%) of security professionals are working to reduce response times, and even more (99%) either believe they need more automation or want to learn more about automating security incident response in their organizations. Automation would significantly benefit organizations strapped for resources. The research found that 38% of security teams for companies with over 1,000 employees are still not resourced for 24/7 SOC coverage; of that, 30% have SOC coverage during business hours only, and 8% have no SOC.
“Traditionally SOCs only existed at the large enterprises, which are well resourced with sophisticated security teams. Now, even smaller organizations recognize the need for 24/7/365 monitoring given today’s threat landscape,” said Mullins. “Unfortunately, threat actors don’t respect business hours and can cause harm to any organization, anywhere in the world, including unintended targets.”
Of the 85% of security professionals who reported preventable business impacts due to insufficient response, 63% reported consequences of blocked access to their systems resulting in downtime, and 47% reported a negative impact on customer experience.
Mullins added: “With the rise of ransomware and attacks on critical infrastructure, we all know that cyber incidents can have highly disruptive impacts on operations. That can certainly cost a business internal productivity and revenue, but in the case of critical infrastructure, these attacks can have much more troubling consequences. No one can prevent 100% of threats from entering their environments, so it’s just as important to have mature detection and response programs to stop the threats before they can actually damage the business or stop operations. Automating response and partnering with a trusted provider to manage detection and response are both paths to faster threat containment.”
To read the full report, please visit https://www.deepwatch.com/state-of-the-modern-soc/.
Deepwatch is the leader in managed security services, protecting organizations from ever-increasing cyber threats 24/7/365. Powered by Deepwatch’s cloud-based security operations platform, Deepwatch provides the industry’s fastest, most comprehensive detection and automated response to cyber threats together with tailored guidance from dedicated experts to mitigate risk and measurably improve security posture. Hundreds of organizations, from Fortune 100 to mid-sized enterprises, trust Deepwatch to protect their business. Visit www.deepwatch.com to learn more.