Many security operations centers (SOCs) can detect cyber threats and recover from breaches faster than ever before, according to a study of 144 SOCs conducted by enterprise software company Micro Focus.Key findings from the Micro Focus "State of Security Operations 2018 Report" included:Comparatively, 20 percent of cyber defense organizations assessed over the past five years operated "in an ad-hoc manner with undocumented processes and significant cracks in security and risk management," Micro Focus said. These organizations failed to score a security operations maturity model (SOMM) level 1, which translates to a complete lack of capability.The cyber detection and response capabilities of organizations are evolving, Micro Focus indicated. However, there is still no quick-fix solution that provides organizations with the cyber protection and operational awareness they need to combat all cyberattacks, at all times.
- Cyber defense programs from two thirds of SOCs across all industries experienced median maturity improvement in 2017.
- Over the last five years, 25 percent of SOCs met business goals and worked toward or achieved recommended maturity levels.
- On average, SOCs reported an 8 percent improvement across people and processes.
A Closer Look at Cyber Defense Trends
Micro Focus identified several cyber defense trends for organizations, and these trends included:- Shifting to co-managed operations in partnership with MSSPs and other third-party vendors to overcome a global shortage of cybersecurity talent.
- Rapidly adopting security orchestration, automation and response (SOAR) solutions.
- Investing in the development of "security fusion centers" that promote operational overlap across data security and compliance, monitoring for insider threats and privileged access through behavioral analytics, correlating physical security and cybersecurity data and building consolidated operations and incident response for threat hunting, threat intelligence and IT operations.




