Tips for Modernizing SecOps Teams
Dark Reading's special report looks at ways security operations teams can improve their efficiency and effectiveness to address the latest threats.
The security operations center is the enterprise's first line of defense against an active attack. It is also the base of all security operations, as the team sifts through threat intelligence, logs, and activity reports from within the enterprise as well as key partners.
Despite the critical nature of their work, many SecOps teams are underfunded and understaffed. It isn't unusual to find them working with antiquated tools and outdated data.
Dark Reading's special report "Key Elements Enterprises Needs to Include in Modern SecOps" considers ways to invest in SecOps teams to give them the tools to manage systems, unlock threat detection, and master data collection — all necessary for defending the enterprise against the latest wave of advanced and complex threats.
Today's enterprise SecOps centers are both massively distributed and highly localized. An enterprise often has more than a dozen authorized global cloud providers — on top of an untold number of shadow IT cloud deployments. Some of these clouds are designed to work with others, but many are not.
Complexity is one of the biggest challenges facing the SOC, says Steve Winterfeld, the advisory CISO at Akamai.
"When I became a CISO, I didn't realize how much time would be consumed with vendor management," Winterfeld says. "But having a large number of security capabilities can lead to multiple issues. You have one engineer trying to maintain and optimize multiple systems, so none of them are up to date. Next you have one analyst trying to respond to feeds from multiple systems and, in some cases, multiple dashboards. This leads to missed alerts that could have prevented an incident from becoming a major crisis."
Read "Key Elements Enterprises Needs to Include in Modern SecOps" to learn the best strategies for selecting and managing security tools, as well as embedding automation throughout operations. Within the lengthy list of things that SecOps teams have to do, there are also several tweaks and small fixes they can apply to make operations more effective and efficient.