Do you need security operations support?

Author: Steven Gevers, Senior Manager, Cyber Defence, Business Consulting Services

Protecting your business from cyber attacks has become increasingly challenging. Several factors make maintaining a good security posture harder than ever. The threat landscape is continuously evolving. Attackers use automated methods and artificial intelligence to bypass static security measures. The rise of cloud, IoT and 5G causes the attack surface of organisations to grow exponentially. Because of the variety of attacks and increased attack surfaces, defensive teams need to be familiar with a vast range of detection tools and platforms, and everything that comes with them (for example, containers and storage), whilst maintaining full knowledge of a significantly growing environment. These teams also need time to make sure they keep up with the latest security trends. This leaves little to no time to take a proactive approach and avoid complete panic when there is an incident. Taking a reactive approach not only results in more chaos, it will also burn out the hard-to-find resources working tirelessly to keep your environment safe.

Because of this evolution, there is a lot of movement in the cybersecurity vendor landscape. More and more types of controls, and resources, are required to keep your environment safe. On top of all of this, almost all organisations have a hard time finding the right resources to understand and manage all of these solutions. As a result, there are often gaps in security without the organisations actually realising it ("we have a security team, so we should be safe, right?").

To help organisations, standards as well as technologies continuously evolve. Governance frameworks and best practices (NIST, ISO 2700x, Zero Trust, …) help organisations to define and continuously improve on their security journey. Putting controls in place is one thing. In too many cases, however, controls and procedures are implemented, but then forgotten about. Processes are created but employees keep doing what they have been doing for ages. Security tools are put in place, but not kept up to date, with settings that leave the company as vulnerable as before their introduction.

When new security tools are introduced, many organisations face the same challenges. The organisational impact of a new security tool is often underestimated. This results in, for example, large lists of vulnerabilities that are left untouched and intrusion detection logs that nobody looks at. Security officers want to improve their security capabilities, but have a hard time just running what they already have.

Besides posing a security risk, insufficient security operations also impact the business. Users cannot get required applications whitelisted, emails are not coming through because of blacklisted IP addresses or out-of-date filters, people cannot access the internet because “the IT guy” is on holiday… All of this can have a negative impact on how the business perceives (and therefore supports) security.

How can organisations solve this challenge? Many organisations don’t have the budget to hire experts on each and every security technology. One person can only master so many technologies. Even if the money were available, the security skills gap makes it hard to find the right resources. Automation is key in answering this question. However, the human component will always remain important, and working with partners to support your security needs is gaining importance. According to Gartner®*, by 2025 90% of SOCs in the G2000 will use a hybrid model by outsourcing at least 50% of the operational workload.

Outsourcing does not mean losing control over your responsibility to keep an organisation secure. Some security functions can run completely outside of your organisation, but many of them need close interaction and control. For these cases, organisations have to look for a partner that can help build a tightly integrated hybrid model. For example, some organisations have a limited set of internal resources that focus on the quality of the security solutions in place and on ensuring control. Legwork and day-to-day operations are offloaded to security services providers, which can also provide expert assistance as needed. This way, internal resources can focus on the business.

Every organisation has its own structure and support needs. However, many can’t keep up with current security trends. Choosing security partners that can flexibly adapt to your business model is crucial to keep your security posture up to par.

For more information on how Verizon can help you address your security challenges, read more at:

  • Secure your organisation.

    Refine your cybersecurity strategy and security program to ensure you're supporting your digital objectives while quickly detecting and responding to threats.

  • Securing critical national infrastructure.

    This paper considers the key security threats and barriers facing CNI organisations based on our own and third party research, and the key strategies you can take to help overcome challenges and mitigate risk. 

  • * "SOC Model Guide", 19 October 2021, John Collins, Mitchell Schneider, Pete Shoard.

    GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved. 
