There is no shortage of challenges security teams face today: an ever-increasing barrage of advanced threats, an increase in number remote workers accessing the corporate network, proliferation of security tools to cover an expanding attack surface, an increase in number of cloud applications, and a shortage of security skills.
As IT environments become increasingly dispersed – with the proliferation of devices, users and technologies – CISOs cite several reasons that hamper cyber resiliency improvements.
But reasons that stood out were inability to reduce silo and turf issues (69%), fragmented IT and security infrastructure (65%), and lack of visibility into applications and data assets (60%).
Reasons why cyber resiliency hasn’t improved
The obvious next question is how many tools security teams deploy. You would be startled with the response.
83% of the respondents said they had more than 20 tools, with 30% of them having more than 50 tools. Which segment do you fall into?
See the graphic below.
How many tools security teams deploy?
So, what does this all mean?
The impact of many siloed tools and disjointed workflows is costs and complexity. As per ESG, survey in April 2021, 59% of organizations say cybersecurity has become more difficult over the last two years.
Also, data breaches are costing over $2 million per incident on an average, and taking an average of over 250 days to identify, according to the 2021 Cost of a Data Breach Report from Ponemon Institute.
Additionally, since traditional approaches rely on finding what is known, they miss the new threats. There is poor visibility or blind spots as digital transformation and cloud have expanded the monitoring needs. Lastly, humans can have difficulty in catching up with several moving parts.
Evolving enterprise architecture is compelling CISOs to modernize their SOCs
To strengthen cyber resiliency, CISOs must take threat management to the next level with a unified and connected approach that provides deeper visibility, automation and contextual insights across endpoint, network, cloud, and applications.
As per the survey, security investments that have led to significant improvement in cyber resiliency, automation, and ability to improve visibility stood out.
65% reported the ability to have visibility into applications and data assets
62% reported the use of automation, AI and machine learning
An open, unified, and connected approach to SOC modernization
To modernize SOC, CISOs need to work towards modernize their threat detection and response set-up so as to eliminate silos, unify workflows and automate work.
An XDR solution can unite multiple siloed security tools and reduce the complexity that impedes fast detection and response.
It can provide more advanced analytics and automated workflows that give teams time back to investigate and hunt for threats.
Hence, it’s hardly surprising that among those surveyed globally, 31% of organizations have adopted XDR, and 76% agree that adopting XDR has strengthened their organization’s cyber resiliency.
What is IBM’s announcing?
Realizing this, IBM is adding native XDR capabilities to our security portfolio by acquiring ReaQta, which brings AI-powered Endpoint Detection and Response (EDR) capabilities – among other things.
This acquisition, and the capabilities it brings, allows IBM Security to offer all core XDR functions – EDR, NDR, SIEM, SOAR, and Threat Intelligence – under our flagship QRadar brand to modernize your SOC.
As our global General Manager for IBM Security, Mary O’Brien, puts it, “The future of security is open, using technologies that can connect the security insights that are buried across disparate tools and advanced AI to identify and automatically respond to threats more quickly across their entire infrastructure, from endpoint to cloud. With our expanded capabilities via QRadar XDR and the planned addition of ReaQta, IBM is helping clients get ahead of attackers with the first XDR solution that reduces vendor lock-in via the use of open standards.”
Generally speaking, sales drives everything else in the business – so, it's a no-brainer that the ability to accurately predict sales is very important for any business. It helps companies better predict and plan for demand throughout the year and enables executives to make wiser business decisions.
Applications are bound to face occasional outages and performance issues, making the job of IT Ops all the more critical. Here is where AIOps simplifies the resolution of issues, even proactively, before it leads to a loss in revenue or customers.
Organisations are constantly challenged to meet dynamic customer requirements and rethink ways to engage with them on their terms and as per their convenience. With customers at the core of decision making and business success, organisations are tuning to digital capabilities that can support new-age services. When done well, after sales service boosts the overall customer experience by providing […]