Security operations professionals are increasingly outsourcing their security functions to MSSPs, according to the "2020 State of Security Operations Center" report from digital transformation company Micro Focus.
In terms of MSSP usage, key findings from the report included:
- 88 percent of organizations outsource at least one security function to an MSSP.
- On average, organizations outsource three security functions to an MSSP.
- Security information and event management (SIEM) is the security function outsourced most frequently to MSSPs.
Other notable findings from the report included:
- 93 percent of SOCs are using artificial intelligence and machine learning to safeguard their organizations against evolving cyber threats.
- 90 percent consider the MITRE ATT&K framework to be "a must-use tool" for understanding cyberattack techniques.
- 89 percent intend to use a security orchestration, automation and response (SOAR) tool in the next 12 months.
- SOCs named an increased volume of cyber threats and security incidents (45 percent) and higher risks due to workforce usage of unmanaged devices (40 percent) as two of the biggest challenges they have faced during the coronavirus (COVID-19) pandemic.
- One-third of SOCs cited prioritizing security incidents and monitoring security across a growing attack surface as their most severe challenges.
- On average, nearly two-thirds of respondents' IT security operations software and services are deployed in the cloud.
The report also showed that organizations can leverage various tools to automate their security operations, including:
- Threat hunting
- User and entity behavior analytics (UEBA)
- Vulnerability assessment and management
Partnering with MSSPs can help organizations get the most value out of security operations tools, Micro Focus stated.
Organizations can outsource SIEM, vulnerability management and other security functions to MSSPs, Micro Focus indicated. In doing so, they can ensure security staff is available at all times to mitigate cyber dangers.