An intriguing security operations (SecOps) metamorphosis has occurred as the COVID-19 pandemic has rampaged across the U.S.: While the sharp turn to remote work has made SepOps professionals’ jobs harder, bigger investments in automation technologies and relying on managed security service providers (MSSPs) has kept companies’ security profiles strong, new research found.That’s the macro takeaway that Siemplify, which provides security, orchestration, automation and response (SOAR) solutions, extracted from input of some 400 SecOps pros, encapsulated in its State of Remote Security Operations report. These analysts have been asked to secure more complex and dispersed, cloud-based environments at the same time that they themselves work from home absent collaboration with their counterparts in a centralized SOC.
26%: It will be 12 months or longer before SecOps teams transition back to on-premises work if they even do so.
39%: Morale has improved; 31%: morale unchanged; 30%: morale reduced.Challenges:
42%: Alert volume is higher now than it was prior to the pandemic.
51%: Investigating suspicious activities is more challenging in a remote environment.
47%: Collaborating with their peers is more difficult.
39%: Problem solving and alert handling is more challenging from home.Top threats:
Employees’ non-secure home networks, increased cloud adoption.
57%: Increased phishing threats.Investments:
76%: COVID-19 is a factor to increase SecOps automation or will be in the near future.
37%: Prepared new automated playbooks to respond to emerging, remote-specific threats.
52%: Use of an MSSP has increased.Security postures:
47%: Security posture is mostly the same as before the pandemic.
27%: Security posture has improved since the pandemic.
26%: Security posture is worse than before the pandemic.
33%: Planning to or have already enhanced benefits to help retain SecOps staff.
Remote Security Operations: Siemplify Research Findings
“With threats growing in frequency and sophistication, and with the added challenges of performing SecOps from home, I think many people expected organizations’ cybersecurity postures to take a hit during the pandemic,” said Nimmy Reichenberg, Siemplify’s chief marketing officer and head of strategy. “There may have been initial struggles, but this clearly shows that the industry has risen to the occasion, pivoting quickly to help organizations ensure business continuity while staying protected during these challenging times,” he said.With that in mind, here are they key findings from the study (based on % of respondents):Remote vs. on premises:26%: It will be 12 months or longer before SecOps teams transition back to on-premises work if they even do so.
39%: Morale has improved; 31%: morale unchanged; 30%: morale reduced.Challenges:
42%: Alert volume is higher now than it was prior to the pandemic.
51%: Investigating suspicious activities is more challenging in a remote environment.
47%: Collaborating with their peers is more difficult.
39%: Problem solving and alert handling is more challenging from home.Top threats:
Employees’ non-secure home networks, increased cloud adoption.
57%: Increased phishing threats.Investments:
76%: COVID-19 is a factor to increase SecOps automation or will be in the near future.
37%: Prepared new automated playbooks to respond to emerging, remote-specific threats.
52%: Use of an MSSP has increased.Security postures:
47%: Security posture is mostly the same as before the pandemic.
27%: Security posture has improved since the pandemic.
26%: Security posture is worse than before the pandemic.
33%: Planning to or have already enhanced benefits to help retain SecOps staff.
