Global software provider, Micro Focus, launches its 2020 State of Security Operations report, which reveals that SOCs across the globe are increasingly looking to AI and ML to detect advanced threats and proactively protect the enterprise.
The research finds that over 93% of global organisations are implementing AI and ML technologies to improve threat detection capabilities, while over 89% expect to use or acquire a Security Orchestration and Automated Response (SOAR) tool within the next 12 months.
Faced with an increasingly complex threat landscape amid the pandemic and working on teams that are becoming more and more stretched, today’s cybersecurity professionals are under more pressure than ever before. As threat volumes rise, the report reveals that 90% of organisations are relying on the MITRE ATT&K framework as a must-use tool for understanding attack techniques.
To help teams manage an increasingly number of responsibilities and fill security gaps, the uptake of these tools is rising globally. In fact, organisations are widely using 11 common types of security operations tools, with each tool expected to exceed 80% adoption in 2021.
Faced with a constantly evolving threat landscape, made even more complex by a rising number of cyber-attacks amid the global pandemic, today’s SecOps teams are, undoubtedly, under more pressure than ever before. Not only are cybersecurity professionals navigating the enormous challenge of deciphering vast volumes of threat data to detect and mitigate these attacks, but they are also working on teams that are becoming increasingly stretched. In fact, according to government statistics, 48% of UK organisations have a basic cybersecurity skills gap. Given this, it is not surprising that burnout within the industry is an ongoing cause for concern – even before COVID-19, a report found that 30% of security team members are experiencing extreme stress.
While there is no quick fix to these issues, we’ve found that technologies such as AI and ML are helping teams fill the gaps when it comes to advanced threat detection. By augmenting existing capabilities, SecOps teams are relying on these tools more and more to better protect their enterprises, which explains why 80% of organisations plan to adopt them by 2021. In addition, to help teams make sense of threat data, the MITRE ATT&K framework is becoming a necessity within the industry, providing a way to understand emerging threat techniques and draw from the experience and knowledge of others who are also defending against current, real-world attacks.
Equipping security teams with the correct tools and frameworks to effectively deal with an expanding attack surface should be a top priority for every enterprise. But it doesn’t stop there. Looking ahead, it will be more important than ever that cybersecurity professionals receive the correct training and guidance on how to utilise these tools properly and identify the relevant information within frameworks such as MITRE ATT&K. Only then can organisations be confident that they are in the best position to detect and guard their IT ecosystem against cyber threats – and able to protect their teams against burnout in the process.