Given that the cost of
data breaches has increased 96% since 2011, it’s time that security
operations move out of IT and gain the direction from upper management.
That’s especially true given that a disturbing majority of them are
immature and underprepared for the threat landscape.
That’s the assessment from HP, whose 2015 report on the State of Security Operations, and almost 70% of security operation centers (SOCs) and cyber-defense organizations are only achieving "minimum ad-hoc threat detection and response capabilities.” In other words: enterprises around the world are grossly unprepared to defend against even the most basic of cyber-attacks.
“The size, scope and severity of cyber-attacks now requires the attention and direction of upper management,” the report said. “It has become a boardroom issue that requires thoughtful planning and implementation, aligning with business objectives and risk tolerances.”
Considering that threats are evolving quicker than solutions, the C-suite should act quickly, HP said, laying out several steps to success. For one, companies should prioritize cyber as a strategic component of the business framework, at the same level as finance, marketing and operations. Second, executives need to personally understand how breaches are likely to occur, and the rudimentary methods used to insert malicious code into an organization’s network. And finally, they should actively explore and utilize leading-edge technologies and tools to achieve strategic security goals rather than only relying on traditional defenses.
HP found in its report that 20% of cyber-defense organizations are not providing minimum security monitoring capabilities to their organizations. Additionally, 66% of security operations centers (SOCs) and cyber-defense organizations were found to achieve only minimum ad-hoc threat detection and response capabilities. Further, 87% of them operate at sub-optimal maturity and capability levels.
“The assessments have shown some interesting trends,” HP noted. “Organizations are willing to seek capital for ‘do-it-all’ technology that is flexible and can perform advanced tasks; [but they] often neglect to seek operational budgets to staff the proper resources or to develop the needed processes, resulting in solution deployments that don’t provide the expected value.”
This has caused organizations to accept immature capabilities that address only simple issues, but does not allow them to achieve strategic business goals, minimize risks or secure their environments.
On the plus side, due to major breaches and industry-wide vulnerabilities such as Heartbleed and Shellshock, there has been a significant increase in organizational willingness to share threat intelligence and temporary solutions to problems. Visible breaches meanwhile have led to C-level and board-level exposure to the financial and brand impact on organizations; and through media coverage and internal evaluations, executives are asking questions about the ingredients necessary for organizational recovery, the importance of a security operations program that provides situational awareness, and the need for security organizations to provide ongoing reporting on business risk and incident activity.
“Security operations maturity and capabilities goes beyond a technology investment,” HP noted. “The continuation of highly publicized breaches and the effect to the entirety of a business and consumers' demands ever more effective and efficient cyber defense organizations. These organizations must continually mature in all operations categories including people, process technology and business.”
That’s the assessment from HP, whose 2015 report on the State of Security Operations, and almost 70% of security operation centers (SOCs) and cyber-defense organizations are only achieving "minimum ad-hoc threat detection and response capabilities.” In other words: enterprises around the world are grossly unprepared to defend against even the most basic of cyber-attacks.
“The size, scope and severity of cyber-attacks now requires the attention and direction of upper management,” the report said. “It has become a boardroom issue that requires thoughtful planning and implementation, aligning with business objectives and risk tolerances.”
Considering that threats are evolving quicker than solutions, the C-suite should act quickly, HP said, laying out several steps to success. For one, companies should prioritize cyber as a strategic component of the business framework, at the same level as finance, marketing and operations. Second, executives need to personally understand how breaches are likely to occur, and the rudimentary methods used to insert malicious code into an organization’s network. And finally, they should actively explore and utilize leading-edge technologies and tools to achieve strategic security goals rather than only relying on traditional defenses.
HP found in its report that 20% of cyber-defense organizations are not providing minimum security monitoring capabilities to their organizations. Additionally, 66% of security operations centers (SOCs) and cyber-defense organizations were found to achieve only minimum ad-hoc threat detection and response capabilities. Further, 87% of them operate at sub-optimal maturity and capability levels.
“The assessments have shown some interesting trends,” HP noted. “Organizations are willing to seek capital for ‘do-it-all’ technology that is flexible and can perform advanced tasks; [but they] often neglect to seek operational budgets to staff the proper resources or to develop the needed processes, resulting in solution deployments that don’t provide the expected value.”
This has caused organizations to accept immature capabilities that address only simple issues, but does not allow them to achieve strategic business goals, minimize risks or secure their environments.
On the plus side, due to major breaches and industry-wide vulnerabilities such as Heartbleed and Shellshock, there has been a significant increase in organizational willingness to share threat intelligence and temporary solutions to problems. Visible breaches meanwhile have led to C-level and board-level exposure to the financial and brand impact on organizations; and through media coverage and internal evaluations, executives are asking questions about the ingredients necessary for organizational recovery, the importance of a security operations program that provides situational awareness, and the need for security organizations to provide ongoing reporting on business risk and incident activity.
“Security operations maturity and capabilities goes beyond a technology investment,” HP noted. “The continuation of highly publicized breaches and the effect to the entirety of a business and consumers' demands ever more effective and efficient cyber defense organizations. These organizations must continually mature in all operations categories including people, process technology and business.”