Skip to main content

Security Operations Efficiency is Not Gained Through a Patchwork of Expensive Security Tools

August 28, 2018

Cloud, mobile, social media, IoT and big data have profoundly expanded the attack surface in the latest cyber super cycle, and it’s no surprise organizations continue to increase the number of tools in their security infrastructure. Also no surprise is the amount of cyber security spending growing at over a 29% CAGR (Momentum Cyber) yet organizations are barely keeping up with the increasing threat landscape.

Efficiency has become the most sought-after outcome for security operations teams. The ideal state is a self-learning environment with automated analysis, triage and remediation. Full attainment of this ideal will likely forever remain out of reach, however incremental improvements in operational efficiencies can be achieved. Nevertheless, unknowingly, many security operations teams seeking improvements move in an opposing direction, negating the efficiencies they were aiming to gain.  

Too many tools that are not integrated are creating a new problem. Why? 

Triaging events involve several repetitive low value tasks that grow exponentially with each new alert.  Human error and oversight increase as the backlog of alerts pending triage grows. Even with a SIEM in place, triage will still involve manually logging into multiple systems to gather additional information. Adding more staff won’t help, even if you can find skilled resources to hire. According to recent studies, there is a cyber security talent gap that exists across the entire country, where security staffing shortages are currently at approximately 747K (Momentum Cyber 2018 Almanac) and projected to hit 1.8 million by 2022 (Frost and Sullivan Executive Briefing, Center for Cyber Safety and Education 2017 Global Information Security Workforce Study, Benchmarking Workforce Capacity and Response to Cyber Risk).

“There is no silver bullet in cyber security," says Dave Dewalt, Executive Chairman, Momentum Cyber and Vice Chairman, Optiv. "An efficient integration of people, process, and technology is essential to defend against today's ever-increasing threat landscape.”

How does an enterprise get out of this cycle of adding disparate tools and a growing backlog of alerts? To overcome these problems, security operations teams must focus on technical and operational efficiencies. Efficiencies can be gained in different ways and to varying degrees based on the approach taken. 

For example, technical efficiencies can be gained by keeping the existing solutions in the environment up-to-date and utilizing the new feature sets that manufacturers have introduced, namely machine learning. 

Optiv and Momentum Cyber recently published a white paper to help readers understand the approach to both types. Download the white paper to learn which incremental improvements in operational efficiencies are well within your reach.


    Todd Weber

By: Todd Weber

VP, Partner Research and Strategy | Partners & Partner Operations

See More

Related Blogs

September 05, 2018

We Want Robots to Do (Part of) Our Job

The job of an information security analyst today is rife with repetitive, sometimes mundane tasks that are performed based on the analyst’s best pract...

See Details

November 03, 2017

Orchestration & Automation (O&A) Methodology

O&A is at the heart of working with big data in an automated and efficient fashion. It involves two important elements: orchestration - planning and c...

See Details

October 08, 2018

3 Key Ways To Improve Your Incident Response

As attack surfaces expand it is critical for enterprises to develop and implement a proactive incident response (IR) plan that combats an increasing l...

See Details

How Can We Help?

Let us know what you need, and we will have an Optiv professional contact you shortly.


Privacy Policy

Stay in the Know

For all the latest cybersecurity and Optiv news, subscribe to our blog and connect with us on Social.

Subscribe

Join our Email List

We take your privacy seriously and promise never to share your email with anyone.

Stay Connected

Find cybersecurity Events in your area.