Welcome to our latest blog series on Security Operations Centers (SOCs). Over the next several weeks, we will address the issues impacting the creation of SOCs today as well as the four steps necessary to build a world-class SOC that protects, detects, and quickly responds to data breaches. This week, we’ll focus on the issues accelerating the need for SOCs today.
The year 2017 is critical for cybersecurity. Cyberattacks continue to increase in scope and complexity, with the number of data breach disclosures jumping 40 percent in 2016. The moment a company thinks it has plugged a security gap, creative hackers consistently prove they can exploit other weaknesses quickly.
Businesses are waking up to the sobering fact that they must beef up spend and resources to create a better cybersecurity strategy. Unfortunately, there’s a tremendous shortage of cybersecurity professionals in the job market today who could execute those strategies. Clearly supply is woefully behind demand, forcing businesses to make the difficult decision as to whether to strike out on their own to build an in-house Security Operations Center (SOC) or work with a third-party managed security services provider to safeguard their company.
It’s difficult to solve a problem unless you understand what led to the problem in the first place. Here are four interconnected issues that have led to billions of dollars’ worth of – and infinitely greater emphasis on – cyberattacks:
- Consistent increase in attacks and awareness: Research from the Ponemon Institute, among others, has found that the number, frequency, and impact of cyberattacks have steadily risen for the last five years and will not abate anytime soon. As one example, in a recent security threat report, Symantec noted it had discovered over 430 million new and unique examples of malware – a 36 percent increase from the year before. Understandably, a 2016 Deloitte-NASCIO Cybersecurity study found cyber risk rose in importance for governors and other state officials. More than 90 percent of those surveyed say cybersecurity is important to their states, and more than 94 percent say it’s important to their individual agencies.
- Shortage of expert cybersecurity resources: The Deloitte-NASCIO study also found the top two barriers to cybersecurity readiness are related to securing sufficient resources – both funding and talent. Eighty percent of those surveyed say inadequate funding is one of the top barriers to effectively addressing cybersecurity threats, while more than half cite the lack of cybersecurity professionals as a problem. According to the U.S. Bureau of Labor Statistics, up to 2 million cybersecurity jobs will remain unfilled in 2019. Companies are stuck between a rock and a hard place: They are under significant market pressure to innovate and move to market quickly, yet keep intellectual property and sensitive customer information secure. In many industries, being first to market takes priority over being secure to market. The result is that IT resources charged with powering business innovation do not have the resources or time to properly investigate cyberattacks.
- Tougher cybersecurity regulations worldwide: Governments are attempting to institute regulations and policies that will empower nation states, as well as the public and private enterprises conducting business within them, to stop hackers before they breach IT systems and steal sensitive customer information. The European Union’s General Data Protection Regulation (GDPR), set to go into effect in May 2018, toughens many of the existing cybersecurity laws the EU had in place restricting companies’ use of individuals’ personal information. At the end of 2016, the U.S. Commission on Enhancing National Cybersecurity issued its final report – Securing and Growing the Digital Economy – which included 16 major recommendations and 53 action items to serve as a framework to significantly enhance the country’s cybersecurity.
- Increasing technological complexity: It’s not just about traditional physical IT infrastructure anymore. The Internet of Things (IoT) gives companies the opportunity to track and market to individuals like never before – accessing data about what their prospects are doing at any given moment – blending disruptive tech trends including big data, cloud, and mobility. IoT is in a rapid growth phase: recent research predicts the number of wearable devices will increase 35 percent over the next four years to 411 million devices worldwide. Smart sensors are also quickly proliferating across the business landscape, set to grow from 5 billion in use today to 21 billion by 2020. On the heels of IoT comes artificial intelligence (AI), which also has the potential to deliver powerful insights and drive faster business decision making. There will also be a significant increase in AI investments in 2017 compared to 2016. In fact, Forrester predicts investment in AI will grow 300 percent in 2017.
Come back next week as we examine the misconceptions and false starts that have given SOCs a bad name in recent years. Can’t wait until then? Visit our website to learn how US Cyber Vault’s managed security services deliver security operations center, analyst, intelligence and incident response capabilities rapidly, enabling companies to save up to 90 percent on traditional cybersecurity costs.