Security Operations Centers (SOCs) are placing increasing emphasis on threat detection. They also work more proactively by warning of possible threats to the networks they manage. The active counteraction of threats therefore has less and less emphasis at SOCs.
That is what research agency Gartner is doing in an investigation into the activities of SOCs and emerging security trends. Gartner argues that today’s SOCs are investing more and more time and money in detecting and responding proactively to threats. Automation and new login methods play an important role in this.
Comprehensive approach
Gartner predicts that by 2022 half of all SOCs will respond actively to incidents and that knowledge and response capabilities in relation to incidents and threats are improving. In 2015, only ten percent of the SOCs had their main focus here.
Research leader Peter Firstbrook states that the need for a SOC that integrates threat intelligence, consolidates security alerts and automates responses is greater than ever. Especially now that companies are moving more and more to the cloud, it is more important than ever to make sure that everyone knows as much as possible what he or she is doing.
For example, Gartner believes that most of the security incidents surrounding cloud services in the coming period will be due to errors made by the customers of these services. Cloud service providers therefore have their affairs in order more than their customers. According to the research bureau, the main problem is that SOCs have too much work on their hands, and automation and good information can play a major role in this.
New strategies
Interestingly, according to Gartner, more and more companies are switching to new authentication methods. Passwords play less and less of a role. Companies are switching to biometric login methods, for example. This reduces the risk of hacking due to careless use of passwords.
According to the researchers, this is one of the strategies that SOCs will increasingly apply. Because there is also a shortage of cyber security professionals, SOCs will also increasingly switch to artificial intelligence, machine learning and automation to protect their networks.
This news article was automatically translated from Dutch to give Techzine.eu a head start. All news articles after September 1, 2019 are written in native English and NOT translated. All our background stories are written in native English as well. For more information read our launch article.
10 hours ago
