If you work as a security analyst, CISO, CSO, or CTO, you’re likely dealing with a SOC and technology stack that doesn’t fully integrate and requires creative-cobbling so that you can make sense of the huge amount of data threats coming at you, whether from your SIEM or other sources. Security teams have had to become resourceful MacGyvers in this day-and-age, simply to keep up with the ever-changing landscape of cyber-threats. In short, cyber-technology rarely is enough, and it often falls short, leaving huge gaps for security teams to figure out, or causing workarounds to sort through false positives.
Why are cyber-technologies consistently falling short of what the industry needs?Cyber-technology companies today come in all shapes and sizes. Often, if a startup comes up with a well-received technology, the company is quickly snapped up and folded into a larger conglomerate. Rather than being an advantage to the industry, this often causes further issues and presents interoperability challenges. The huge players in cyber technologies tend to create their products in isolated environments; indeed, many of their engineers have never even worked in a SOC environment. Oftentimes, the sales teams provide the strategy in terms of how the road map should be built for future product iterations, based on what they’re hearing in the field.
This is problematic, for multiple reasons.
Before you continue reading, how about a follow on LinkedIn?
Security analysts and the leadership teams overseeing them are the ones who are “in the trenches,” so to speak. They see how threats evolve, and they’re constantly trying to stay one step ahead of the bad actors who are trying to infiltrate their networks. Often, teams are de ..
Support the originator by clicking the read the rest link below.
