Tag Archives: Security Operations Centre

Why tool sprawl could be undermining your threat detection and response efforts

by Simon Walsh

IT security teams have always been on the back foot against agile and determined adversaries. But the concern among CISOs is that the pendulum has swung even further away from them over the past couple of years. Trend Micro alone blocked nearly 63 billion threats last year. This puts tremendous pressure on the security operations (SecOps) analysts tasked with detection and response. And as a new study from Trend Micro reveals, they’re reaching breaking point.

A major part of the problem appears to be a historic over-investment in monitoring tools. If you can’t work from a single version of the truth, prioritising threat alerts effectively is going to be near-impossible.


On the frontline: revealing the personal and professional challenges facing SecOps teams

by Bharat Mistry

It’s easy to forget that cybersecurity is fundamentally about people. Attacks are launched by threat actors, phishing emails are opened by employees, and it is your SecOps team that has to try and detect and respond to increasing volumes of these threats. As good as technology systems are, we haven’t got to the point where all of this defensive work can be automated. So what happens when your most precious resource, your security team, feels overwhelmed by their workload?

According to new research from Trend Micro, it’s a question an increasing number of organisations are facing, but few have a satisfactory answer to. The reality is that under-pressure SecOps teams need better tools to correlate and prioritise alerts, so they can work more efficiently.
