Top four causes of unsustainable security operations

It shouldn’t come as a surprise that organizations are struggling to establish and maintain superior security operations methods. In fact, only 45 percent of global organizations are confident in their security relative to today’s threats, according to Cisco’s 87-page “2016 Annual Security Report.”

So, what is affecting the majority of organizations so that they cannot implement effective security methods? In a recent webinar titled “Automating Security Operations,” Swimlane Founder and CEO Cody Cornell uncovered four major causes of unsustainable security operations today.

Let’s explore these further.

Unsustainable operations: What’s happening?

Challenges stand in the way of organizations establishing a solid cybersecurity strategy—four of which Cornell divulged. “These factors, on a macro level, are leading organizations to what is becoming an unsustainable security operations situation,” he said.

• Unprecedented volume of attacks: Throughout recent history there has been a year-over-year increase in the number of cyberattacks affecting companies. This increase in attack volume, coupled with the numerous monitoring technologies being used to detect and identify attack and vulnerability data, can leave organizations dealing with tens of thousands of alarms each day.

• Alert fatigue: The growing number of alarms is leading to what many in the industry describe as “alert fatigue,” or the exhaustion felt by companies trying to keep up with the required response activities—including the threat intelligence made available through both commercial and open source providers. It’s no surprise that security operations teams are exhausted by the sheer volume of data being dealt with—especially if they’re relying on antiquated tools to get the job done.

• Antiquated response tools: It might be an old ticketing system, for example, or a homegrown security solution that can no longer support your organization’s security measures or needs. Whatever the case, legacy technologies will make it difficult for organizations to manage and support the use cases they are trying to implement. In fact, only 59 percent of organizations say they are equipped with the “very up to date” security tools (down 5 percent year-over-year), according to Cisco’s findings.

• Lack of qualified cybersecurity staff: “I think the most important and probably difficult hurdle for organizations is a lack of qualified staff,” Cornell said, adding that currently there are over one million vacancies globally for cybersecurity staff. It can be difficult to find, cultivate and retain cybersecurity staff, especially when the churn rate is abnormally high.

In 2016, arm your organization with sustainable operations by tackling each of these challenges head on. If you want to learn more about security operations best practices or how to specifically overcome these four challenges, watch the 27-minute “Automating Security Operations” webinar replay where Cody demonstrates three use cases for automating your cybersecurity operations.