The 2020 State of Security Operations report, by Micro Focus and CyberEdge Group, revealed that security operations centres (SOCs) are most concerned with advanced threat detection and are increasingly looking to artificial intelligence (AI) and machine learning (ML) technologies to proactively safeguard the enterprise and close the talent gap.
India (58%) and Japan (47%) were cited in the report as having the strongest concern, compared with their global peers (45%), about tackling the increased volume of cyberthreats and security incidents.
Tools in use
Over 93% of respondents employ AI and ML technologies with the leading goal of improving advanced threat detection capabilities, and more than 89% expect to use or acquire a Security Orchestration and Automated Response (SOAR) tool within the next 12 months.
India leads the pack when it comes to cloud adoption, with 75% having their IT security operations software and services in the cloud, while the other countries report a range from 59% to 64%.
As SOCs continue to mature, more will be deploying next-gen tools and capabilities at an unprecedented rate to address gaps in security.
“The hunt for people with tech skills in Asia has intensified exponentially during the pandemic and security operations teams are stretched thin as they tackle the skyrocketing cyberthreats and security incidents—accelerated by workforce usage of unmanaged devices. We can expect to see an unprecedented rate of deployment of next-gen tools and capabilities as organizations scramble to close this crucial gap,” said Stephen McNulty, President, Asia Pacific and Japan, Micro Focus.
Favourite framework
As the volume of threats rises, the report finds that 90% of organizations are relying on the MITRE ATT&CK framework as a must-use tool for understanding attack techniques, and that the most common reason for relying on the knowledge base of adversary tactics is detecting advanced threats.
The scale of technology needed to secure today’s digital assets means SOC teams are relying more heavily on tools to effectively do their jobs. With so many responsibilities, the report found that SecOps teams are using numerous tools to help secure critical information, with organizations widely using 11 common types of security operations tools and with each tool expected to exceed 80% adoption in 2021.
Key observations:
- COVID-19: During the pandemic, security operations teams have faced many challenges. The biggest has been the increased volume of cyber threats and security incidents, with India and Japan being the top two countries that report this as the biggest challenge (58% and 47% respectively, against the global average of 45%).
- Most severe SOC challenges: Approximately 1 in 3 respondents cite the two most severe challenges for the SOC team as prioritizing security incidents and monitoring security across a growing attack surface.
- Cloud journeys: India takes the lead when it comes to cloud adoption, with every surveyed organization having at least some sort of cloud deployment. Across the globe, over 96% of organizations use the cloud for IT security operations, and on average nearly two-thirds of their IT security operations software and services are already deployed in the cloud.