Last updated at Thu, 28 Sep 2023 20:08:52 GMT
New research sponsored by Rapid7 explores the momentum behind security operations center (SOC) modernization and the role extended detection and response (XDR) plays. ESG surveyed over 370 IT and cybersecurity professionals in the US and Canada – responsible for evaluating, purchasing, and utilizing threat detection and response security products and services – and identified key trends in the space.
The first major finding won’t surprise you: Security operations remain challenging.
Cybersecurity is dynamic
A growing attack surface, the volume and complexity of security alerts, and public cloud proliferation add to the intricacy of security operations today. Attacks increased 31% from 2020 to 2021, according to Accenture’s State of Cybersecurity Resilience 2021 report. The number of attacks per company increased from 206 to 270 year over year. The disruptions will continue, ultimately making many current SOC strategies inadequate if teams don’t evolve from reactive to proactive.
In parallel, many organizations are facing tremendous challenges closer to home due to a lack of skilled resources. At the end of 2021, there was a security workforce gap of 377,000 jobs in the US and 2.7 million globally, according to the (ISC)2 Cybersecurity Workforce Study. Already-lean teams are experiencing increased workloads often resulting in burnout or churn.
Key findings on the state of the SOC
In the new ebook, SOC Modernization and the Role of XDR, you’ll learn more about the increasing difficulty in security operations, as well as the other key findings, which include:
- Security professionals want more data and better detection rules – Despite the massive amount of security data collected, respondents want more scope and diversity.
- SecOps process automation investments are proving valuable – Many organizations have realized benefits from security process automation, but challenges persist.
- XDR momentum continues to build – XDR awareness continues to grow, though most see XDR supplementing or consolidating SOC technologies.
- MDR is mainstream and expanding – Organizations need help from service providers for security operations; 85% use managed services for a portion or a majority of their security operations.
Download the full report to learn more.
- Learn more about Rapid7's Managed SOC Services
- What's New in InsightIDR: Q2 2022 in Review
- [The Lost Bots] Season 2, Episode 1: SIEM Deployment in 10 Minutes
- Rapid7 MDR Delivered 549% ROI via Headcount Avoidance, Time Savings, and Breach Risk Reduction
- The Average SIEM Deployment Takes 6 Months. Don’t Be Average.