According to the latest SANS survey (to be released as a webcast in two parts on August 14 and 16, sponsored by DFLabs), security operations centers (SOCs) are forced to grow, as they’re pushed by the use of cloud, mobile, personal and Industrial IoT.
There’s a significant discrepancy in the pace of change, and improvements in security operations can’t seem to keep up with the galloping SOC evolution. Furthermore, the top barrier is said to be the scarcity of skilled staff that could improve SOC performance. This shortfall will directly lead to issues with metrics and automation.
SANS Analyst and Instructor Christopher Crowley says: “hiring skilled staff is challenging and expensive, while the business culture at most companies is focused on reducing labor costs and shifting to consuming services. SOC managers need to focus on better recruitment and internal talent development processes to meet the challenge of securing appropriate staffing levels.”
Moreover, he adds that organizations should focus on improving metrics in order to better demonstrate the value of their organization. He’s quite optimistic regarding the future of SOCs that focus on “better orchestration both with the network operations center (NOC) and internal to the SOC using orchestration tools to drive consistency.”
The entire article can be read here.
DFLabs’ Vice President of Professional Services, Mike Fowler, will present a session on improving incident response capabilities and how to overcome the shortage of skilled security operations staff at the SANS Security Operations Center Summit on Monday, July 30, 2018 at 12 PM noon CDT.
The shortage of skilled SOC personnel worldwide is only getting worse. With increasing workloads, inexperienced security analysts need to be brought up to speed quickly so they can contribute effectively to SOC operations. In this session, “Leveraging Orchestration to Facilitate Knowledge Transfer in Security Operations,” Mike Fowler will present a framework that combines traditional and new knowledge transfer techniques with the help of orchestration to enable under-resourced SOCs to achieve new levels of incident response efficiency and productivity.
This press release was originally published on Business Wire. Read the full press release here.
John Moran, Senior Product Manager at DFLabs, writes about the benefits and the downsides of SOC automation in his latest article for Infosec Island, titled “SOC Automation: Good or Evil?”. Read the full article here and discover the recommendations that can help you determine which SOC processes should be automated and which shouldn’t.
Cybersecurity Insiders, one of the world’s leading news sources for information security professionals, has published a review of DFLabs’ IncMan Security Orchestration, Automation and Response platform, highlighting its signature R3 Rapid Response Runbooks model as a distinguishing feature that sets it apart from its competitors.
Read more about the review here.
In a recent Information-Age article, DFLabs CEO Dario Forte talks about the challenges involved in full automation of cyber security operations, and how they can be addressed. Issues like compliance risks and losing control of the process are just some of them.
Read the full article, “Security operations: does automation have to mean automatic?” here.
Read DFLabs’ VP of Security Evangelism Oliver Rochford’s latest column for SecurityWeek, titled “Security Automation is About Trust, Not Technology”. It provides great insight into the field of security automation and why security teams tend to like it so much, while also offering an overview of some of the misconceptions and the real risks that still prevent wider adoption of the technology.
Read the full article here.