The State of SecOps in 2019: Best Practices and Key Challenges

pwheiler Trusted Contributor.

If you’ve ever worked in security operations (SecOps), then you know it’s no easy task to face off against increasingly sophisticated attacks, day after day, year after year. Security operations centers (SOCs) have to stay meticulously up-to-speed on the latest threats if they want to keep their networks and data secure. But evolving cyberattacks aren’t the only major threat to SOCs. When left unaddressed, operational challenges can be just as dangerous. They can disrupt the ebb and flow of work within the SOC, opening the way for threats to more easily breach defenses. Just as with advanced threats, operational “threats” require vigilance and focus to overcome.

Luckily, Micro Focus can help organizations address both. The ArcSight Next-Gen SIEM (with Interset UEBA) implements multiple layers of security analytics to help organizations detect and respond to even the most complex cyber-threats. As for operational challenges, Micro Focus offers its Security Intelligence and Operations Consulting (SIOC) services, whose team visits, evaluates, and advises SOCs worldwide. Occasionally the SIOC team gets an opportunity to share its insights and research with others, through assets like Micro Focus’ recently published 2019 State of Security Operations Update.

The Micro Focus 2019 State of Security Operations Update offers valuable insights into emerging global SecOps trends, common challenges for 2019, best practice tips, real-world examples, and proven success factors from top-performing SOCs worldwide. Whether you’re new to the field or an industry veteran, this report will provide valuable insights to help improve your SOC’s maturity and success.

The eBook identifies five key challenges for SecOps teams today, as well as recommendations for addressing each challenge:

  1. An inability to secure talent
  2. Insufficient budget
  3. The absence of documented processes
  4. A need for new, advanced security technologies
  5. A lack of mission clarity and business alignment

Some of these challenges, like budget and talent shortages, may not come as a surprise. But what is surprising is that most SOCs haven’t been able to address them yet. SOCs continue to struggle with them, and so it becomes increasingly important that successful SOCs share their best practices with those that could benefit from them. That is one of the core goals of this eBook.

As Michael Mychalczuk, Director of Product Management for Security Operations at Micro Focus, said, “Our assessment of top-performing SOCs reflects that, as with any challenge, you should start with the basics. Establish a strong foundation with a proven security information and event management (SIEM) system, well-trained people, standardized processes, and clear business alignment.”

One other goal of this report, though, was to look at the future. As threats continue to evolve, so must cyber defense capabilities. Organizations must begin implementing next-generation SOCs. A next-gen SOC will employ an arsenal of open-architecture security tools that will address core capabilities like log management and SIEM, but that will also integrate with threat hunting, UEBA, SOAR and other advanced technologies to close defensive gaps and improve efficiency in threat detection, investigation, and response.

Download the free eBook today: 2019 State of Security Operations Update.

For even further insights, I also recommend reading this recent article, State of Security Operations 2019: 5 challenges for SOC teams, on TechBeacon.
