
Research highlights growing cybersecurity operational challenges

A survey by Enterprise Strategy Group has found that the rapidly evolving threat landscape and growing volumes of security alarms are the most common challenges facing enterprises today. The 2017 Next-Generation Analytics and Operations Study involved a survey of more than 400 IT and cybersecurity professionals. It found that 72 percent of respondents feel that cybersecurity analytics and operations is more difficult today than it was two years ago.

According to ESG, 89 percent of organizations use external threat intelligence, but IT professionals feel that cyber adversaries are moving faster than network defenders can keep up with. These challenges are amplified because almost half of the organizations report a problematic shortage of cybersecurity skills and admit that they still rely on manual processes and individuals to aggregate and analyse threat intelligence. While analysts work to combine more and more external threat data with internal data and events, organizations will continue to feel as though they are falling behind their adversaries. This need to combine and leverage data is driving automation.

Spending is increasing, but so are the challenges of security operations and analytics. Enterprises are understaffed and feel they do not have the right people. This is where the true value of a threat intelligence platform designed to enable threat operations and management comes into play: by aggregating multiple external and internal threat data sources, reducing noise and maximising existing security investments, defenders are able to improve focus and efficiency by knowing exactly what to work on first.

“One of the reasons today’s approach to cybersecurity operations is not working is because it is based on too many tools and manual processes,” added Jon Oltsik, senior principal analyst, ESG. “Leading companies are realising this, and moving towards a model based on a security operations and analytics platform architecture (SOAPA). Utilising threat intelligence as a critical component to blend internal and external threat data by integrating network and endpoint tools can help organizations reach their goals of operationalising cyber threat intelligence in real time for risk mitigation and incident response.” 

The survey was conducted in conjunction with ThreatQuotient.

