Security teams turn to next-gen automation to cope with threats

As cyber attacks become more sophisticated, more SecOps teams are turning to next generation automation tools to address gaps in security, according to a new study.

The new Micro Focus report conducted in partnership with CyberEdge Group, titled 2020 State of Security Operations, shows that 93% of security operations centres (SOCs) are employing artificial intelligence (AI) and machine learning (ML) technologies to proactively safeguard the enterprise.

The report’s findings show that more than 93% of respondents employ AI and ML technologies with the leading goal of improving advanced threat detection capabilities.

In addition, more than 89% of respondents expect to use or acquire a security orchestration and automated response (SOAR) tool within the next 12 months.

These findings indicate that as SOCs continue to mature, they will deploy next-gen tools and capabilities at an unprecedented rate to address gaps in security, Micro Focus states.

The report also found that during the COVID-19 pandemic, security operations teams have faced many challenges.

The biggest has been the increased volume of cyber threats and security incidents (45% globally), followed by higher risks due to workforce usage of unmanaged devices (40% globally).

Approximately 1 in 3 respondents say the two most severe challenges for the SOC team are prioritising security incidents and monitoring security across a growing attack surface.

Finally, more than 96% of organisations use the cloud for IT security operations, and on average nearly two-thirds of their IT security operations software and services are already deployed in the cloud.

Micro Focus head of enterprise security for Australia and New Zealand, George Atrash, says, “While Australia and New Zealand (A/NZ) wasn’t specifically called out in this study, many of the survey results closely resonate with the experience and concerns of A/NZ SOC teams in their daily operations.”

Atrash says, “One of the main challenges for organisations in A/NZ has been COVID-19. With the pandemic and the related work from home policies, SOC teams in A/NZ experienced a significant increase in security incidents related to unmanaged devices and the deriving threats.

“To cope with the highest volume of threats, Micro Focus has seen an increasing interest in the MITRE ATT&CK framework, which gives security professionals a better understanding of attack techniques and provides a consolidated knowledge base for advanced threat detection and protection.

“Furthermore, the proliferation of security tools undoubtedly provides more data, however, operators need to reduce the threat detection time. Hence the interest in ML and AI-based security operation solutions, which help SOC teams improve their detection capabilities.”

Atrash continues, “As many A/NZ organisations start to use the cloud for the majority of their IT security operations software and resources, it will become easier for SOC teams to access security operations functions from literally anywhere in the future.

“In A/NZ, Micro Focus is seeing growing interest in solutions such as SOAR, threat hunting tools and user and entity behaviour analytics (UEBA) in particular.”

On the trends highlighted in the report, Micro Focus CTO Stephan Jou says, “The odds are stacked against today’s SOCs: more data, more sophisticated attacks, and larger surface areas to monitor.

“However, when properly implemented, AI technologies, such as unsupervised machine learning, are helping to fuel next-generation security operations, as evidenced by this year’s report.”

Jou says, “We’re observing more and more enterprises discovering that AI and ML can be remarkably effective and augment advanced threat detection and response capabilities, thereby accelerating the ability of SecOps teams to better protect the enterprise.”
