To Automate or Orchestrate? Enterprise Strategy Group survey calls for guidance and a shift toward accelerating Security Operations
BOSTON–(BUSINESS WIRE)–DFLabs, the leader in Security Automation and Orchestration Technology, announced today the release of new research from Enterprise Strategy Group (ESG), commissioned by DFLabs and other technology vendors, which shows that when it comes to the evolution of Cybersecurity Analytics and Operations, 71% of respondent organizations find it more difficult today than it was two years ago due to the changing threat landscape, followed by volume of alerts and increased regulatory changes.
“Despite businesses making it a priority, there is great confusion on how to make sense of and integrate Security Analytics and Operations. Most organizations are dealing with 10 to 25 technologies ranging from SIEMs, vulnerability assessment, endpoint detection, threat intelligence and user behavior to incident response. They are challenged with the total cost of operations and spending too much time on emergency issues,” said Jon Oltsik, Senior Principal Analyst, ESG.
This need for strategy and process improvements is why purchasing security operations tools designed to help organizations automate and orchestrate security operations processes was cited as the second highest priority respondent organizations will take over the next two years. The majority (90%) of respondent organizations are planning to deploy, or have somehow deployed, technologies designed for Automation and Orchestration.
The research also revealed that Automation is a higher priority (66%) than Orchestration (31%) – pointing to the need for a maturity model to guide security operations centers (SOCs) and cybersecurity professionals on their journey.
Added Oltsik, “There is a lot of hype but these are not turnkey solutions. Most organizations start by employing automation to the most time-consuming low-level tasks, such as integrating external with internal IOCs; whereas orchestration, such as building a run book, requires more thought and planning and attention. We found a great need for a ‘guided’ approach to full automation and orchestration and DFLabs is the only vendor today to do both.”
Finally, the survey found a shift in focus from threat detection to incident response. Eighty-six percent (86%) of respondent organizations are currently using or plan to use an incident response platform while 92% have deployed, plan to deploy or are interested in deploying Machine Learning technology to support Automation and Orchestration – with accelerating incident response as a top driver.
“This research validates our vision for Supervised Active Intelligence (SAI)™. By giving customers a path from machine-to-human to machine-to-machine operations, we gradually guide them on the maturity curve to full automation and orchestration – without losing the element of human control,” said Dario Forte, CEO, DFLabs. “Based upon an innovative machine learning and incident correlation engine, DFLabs offers a force multiplier solution that helps security operations and incident response teams quickly orchestrate the triage, containment, reporting, and remediation of data breaches and other cyber incidents.”
Surveying 412 IT professionals and cybersecurity professionals across a broad range of industry verticals, the multi-client research, titled “Next Generation Cybersecurity Analytics and Operations Survey,” seeks to better understand the evolution of the market including requirements, skills, challenges, and technology adoption plans.
Other key highlights include:
– Eighty-one percent (81%) strongly agree or agree that improving Security Analytics and Operations is a high priority
– 78% strongly agree or agree that they have a formal plan and funding to improve Security Analytics and Operations
– 72% strongly agree or agree that business management is pressuring the cybersecurity team to improve Security Analytics and Operations
– Eighty-two percent (82%) will increase spending in Security Analytics and Operations
In-depth data is also available upon request on the topics of staffing, security operations centers (SOC), managed security services, security data collection, threat intelligence, and technology integration.
To request a copy of the research please visit: https://goo.gl/UGM8oY
DFLabs is a recognized global leader in Security Automation and Orchestration. The company is led by a management team recognized for its experience in and contributions to the information security field including co-edited many industry standards such as ISO 27043 and ISO 30121. IncMan – Cyber Incidents Under Control – is the flagship product, adopted by Fortune 500 and Global 2000 organizations worldwide. DFLabs has operations in North America, Europe, Middle East, and Asia with US headquarters in Boston, MA and World headquarters in Milan, Italy. For more information visit: http://www.dflabs.com or connect with us on Twitter @DFLabs.
Leslie Kesselring, 503-358-1012