How has the pandemic impacted cyber security? Threats increase but organizations keep pace
- Published: Thursday, 04 February 2021 10:26
Siemplify has released new research on ‘The State of Remote Security Operations’. Based on a recent survey of nearly 400 security operations (SecOps) professionals, the report studies how the sudden shift to remote work during the COVID-19 pandemic has affected SecOps pros ability to perform their jobs and the impact on overall security postures.
The research finds that overall cyber security posture has remained strong due to greater investments in security automation technologies and reliance on managed security service providers (MSSPs), potentially paving the way for many security operations centers / centres (SOCs) to become permanently remote.
SecOps is a highly collaborative function, with security analysts working closely in physical SOCs to address tens of thousands of alerts and security incidents daily, hunt for threats and problem-solve responses. The unexpected shift to remote workforces means that these professionals have been tasked with the challenge of securing more complex and dispersed, cloud-based environments at the same time that they themselves are working from home and have lost the benefits of collaborating with their colleagues in a centralized SOC.
“With threats growing in frequency and sophistication, and with the added challenges of performing SecOps from home, I think many people expected organizations’ cyber security postures to take a hit during the pandemic,” said Nimmy Reichenberg, CMO and head of strategy of Siemplify. “But our research showed just the opposite – 74 percent of respondents said their cyber security posture has remained largely the same or has even improved. There may have been initial struggles, but this clearly shows that the industry has risen to the occasion, pivoting quickly to help organizations ensure business continuity while staying protected during these challenging times.”
Key findings from The State of Remote Security Operations Report:
- Insecure home networks and cloud adoption are the biggest threats: When asked to identify the top security risks facing their organization since transitioning to remote work, respondents named their employees’ insecure home networks as the top threat, followed by increased cloud adoption at a close second. Additionally, 57 percent report seeing more phishing threats since the shift to remote work.
- Challenges are mounting as alerts increase: 42 percent report that their alert volume is higher now than it was prior to the pandemic. Respondents also report that their jobs have become more difficult since going remote. 51 percent say investigating suspicious activities is more challenging in a remote environment, 47 percent say collaborating with their peers is more difficult, and 39 percent say problem solving and alert handling are more challenging from home.
- SOCs will forever change: the physical SOC will probably never return to its glory days, as virtual or hybrid SOCs offer more flexibility in recruiting hard-to-find cyber security talent and result in more satisfied security analysts. More than a quarter (26 percent) of respondents say it will be 12 months or longer before SecOps teams transition back to on-premises work, or that their SecOps teams do not intend to ever go back to on-premises. Only 30 percent of respondents mentioned their morale had been reduced, while the rest had reported their morale has not changed (31 percent) or improved (39 percent).
- Investments in automation and managed services are increasing: to cope with the challenges of remote work, SecOps teams are turning to security automation technologies and the help of MSSPs. 76 percent of respondents say the COVID-19 pandemic has played a role in their actions to increase SecOps automation or is expected to in the near future. 37 percent have prepared new automated playbooks to respond to emerging, remote-specific threats, and 52 percent say their use of an MSSP has increased.
- Security postures remain strong: even as SecOps has become more complex in today’s remote landscape and alerts have increased, security professionals have managed to keep their organizations well protected. Almost half (47 percent) say their security posture is mostly the same as before the pandemic and 27% say their security posture has actually improved. Just 26 percent of respondents say their security posture is worse than it was before the pandemic. Additionally, one-third of respondents are planning to or have already enhanced benefits to help retain SecOps staff.