Page 144 - Cyber Defense eMagazine September 2022
There are tangible consequences in the cybersecurity realm to these staff and skills shortfalls –
misconfigured systems, risk assessment and management that is either rushed or skipped, slow
remediation times that leave systems exposed, and the inability to handle all active threats to the network.
In short, SOC teams are increasingly understaffed and overworked – all while facing a rising tide of
increasingly sophisticated attacks.
Furthermore, outmoded legacy solutions can leave networks even more vulnerable. There are certainly
industries where older means wiser, but in cybersecurity, legacy solutions often cannot keep up with the
evolving threat landscape and are not easily integrated with updated tools. In addition, they often have
complex configuration and maintenance processes that make management, patches or updates
complicated and impractical. According to reports, unpatched vulnerabilities and risky services account
for 82% of successful attacks.
The current threat landscape is only growing. The hybrid work era has driven enterprises to adopt a rising
number of SaaS and web-based tools to deal with the consequences of a decentralized work environment
– messaging apps, file sharing, CRMs, etc. As recent Google Drive and Dropbox hacks demonstrate,
there is a rapidly growing number of new attack vectors which malicious actors can exploit. This trend is
only likely to continue as new SaaS and web-based tools are developed to optimize the modern
workplace, and remote work policies give employees the potential to access sensitive apps from
unmanaged and third-party devices. In short, many companies are a lot more vulnerable than they
realize.
Big Tent vs. Niche
Understaffed and overworked SOC teams are now facing a new hurdle: System Overload. As
cyberattacks grow in sophistication and frequency, the number of cyberdefense tools that security
professionals rely on is constantly growing. Reports indicate that some organizations use as many as 45
different tools on average to keep their networks safe.
These hyper-focused security tools may be effective in the fight against the growing sophistication of
cyberthreats, but their sheer volume is in and of itself a problem because they are often cumbersome to
manage, forcing analysts to waste time toggling between tools. This results in delayed incident analysis
and security system maintenance. Furthermore, the disparate nature of these solutions means that
analysts are unable to get a holistic view of issues or react quickly to breaches. Those using more than
50 tools ranked themselves as 8% less likely to be able to detect an attack and 7% less responsive when
attempting to address it. With staff shortages, SOCs also find it hard to retain the expertise needed to
utilize these multiple systems efficiently.
That said, big-tent, legacy cybersecurity solutions are not necessarily the best alternative. It may seem
beneficial to have many defense tools within the same platform, but the pinpoint responses of niche
solutions to the growing threat landscape may be lost. In other words, these catch-all solutions can’t
necessarily keep up with the growing sophistication of threats. 40% of cybersecurity professionals said
their current cybersecurity strategy will likely be outdated in just two years, while 37% said it would happen
in three.
Copyright © 2022, Cyber Defense Magazine. All rights reserved worldwide.