Welcome!

FinTech Journal Authors: Yeshim Deniz, Liz McMillan, Pat Romanski, Elizabeth White, Zakia Bouachraoui

Related Topics: @ThingsExpo, @CloudExpo, Cloud Security

@ThingsExpo: Blog Post

Effective SOC and an Automated Process | @ThingsExpo #IoT #M2M #Cybersecurity

There are plenty of very real and costly examples that show why organizations are increasing their spending for cybersecurity

Why 2017 Is the Time to Invest in an Effective SOC and an Automated Process

Every Security Operations Center (SOC) manager and security analyst is struggling to some degree to stay one step ahead of the dramatic growth in cybercrime and the ransomware epidemic. In fact, according to the Cybersecurity Market Report published by Cybersecurity Ventures, a cyber security research and publishing firm, spending on cybersecurity is predicted to top $1 trillion between 2017 and 2021.

There are plenty of very real and costly examples that show why organizations are increasing their spending for cybersecurity. While the high profile Mirai attacks with the Dyn IoT botnet attack affecting more than 100,000 endpoints is just the latest, the reality is that this is just the tip of the emerging iceberg.

With a developing reality of billions of under-protected Internet of Things (IoT) devices, the threat landscape can no longer be successfully traversed with outmoded processes. In 2017, organizations are increasingly seeing the benefits of investing in an automation platform within the SOC for effectively fighting cyber threats.

Because it's a very lucrative criminal enterprise, ransomware will only get bigger in 2018. The challenge of handling the nearly limitless generated alerts by network-connected devices alone will strain the SOC human resource element beyond its capacity, which only increases malware vulnerability. What is clear is that attacks in 2017 and 2018 will become more sophisticated and targeted against businesses, governments, educational institutions, and consumers on a global scale.

While IoT and the cloud will continue to be major sources of concern around managing cyber security, open source is exponentially adding to those challenges. Only a few major companies were heavily invested in open source in 2007. In 2017, things have drastically changed, as open Docker, OpenStack, and other open source technologies are the building blocks to the digital infrastructure. Around this time last year, it was reported that 87 percent of open-source vulnerabilities are cross-site scripting (XSS) and SQL Injection. Being free, open to everyone, and customizable to fit any need has enabled an open source community of perhaps millions. However, the benefits of open source also expose its vulnerabilities as cyber criminals can see exploitable flaws in the code as well.

It's challenging enough for security experts to design and implement a cybersecurity playbook, let alone integrating, managing and continuously improving it. Every organization is resource-constrained in this regard, which is why many are automating processes to fight cyber threats in 2017 as part of an effective SOC. Since replacing existing solutions falls far short of meeting the challenges, organizations and their security professionals will be looking to ways to create new automated layers of defense. These automated prevention and response technologies are the ideal solution to providing the tools that can adapt to emerging threats. Simultaneously, they will enable these organizations and their security teams to maximize the capabilities of existing human and technological resources.

Cyber Criminals Wreak Havoc
It's true that cyber threats are coming from many multiple places as cyber criminals wreak havoc, commit fraud, steal information, and ultimately cripple corporations and governments. The promise of automated prevention and response technologies is the foundation of a strong cyber security playbook that enables the prepared SOC to have clear approaches and automated processes for an informed threat outlook. This level of better preparation will provide organizations of all sizes with the flexibility to withstand unexpected, high impact security events.

A Holistic Approach to Win This Situation
The growing threat landscape has shown organizations that cybersecurity is a vital component that must become part of the fabric of the business. This means having a holistic, intuitive and automated communication, process fulfillment and response platform in order to be competitive in the digital age. These solutions must enable a high level of intuitive product and platform integration with both infrastructure as well as security components of the organization. By integrating advanced automation technologies with cloud architectures and communication platforms, organizations can quickly identify and respond to threats while positioning the business competitively by reducing costs and risks.

This is a growing trend as evidenced by the PwC Global State of Information Security® Survey 2017. The survey shows how "executives are adopting technology and collaborative approaches to cybersecurity and privacy to manage threats and achieve competitive advantages."

More Stories By Slavik Markovich

Slavik Markovich is CEO and Founder of Demisto. He's a serial entrepreneur with a passion to solve hard technology problems. He enjoys reverse engineering things and believes that big things can be built with the right building blocks and strong foundation.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


IoT & Smart Cities Stories
The deluge of IoT sensor data collected from connected devices and the powerful AI required to make that data actionable are giving rise to a hybrid ecosystem in which cloud, on-prem and edge processes become interweaved. Attendees will learn how emerging composable infrastructure solutions deliver the adaptive architecture needed to manage this new data reality. Machine learning algorithms can better anticipate data storms and automate resources to support surges, including fully scalable GPU-c...
Machine learning has taken residence at our cities' cores and now we can finally have "smart cities." Cities are a collection of buildings made to provide the structure and safety necessary for people to function, create and survive. Buildings are a pool of ever-changing performance data from large automated systems such as heating and cooling to the people that live and work within them. Through machine learning, buildings can optimize performance, reduce costs, and improve occupant comfort by ...
The explosion of new web/cloud/IoT-based applications and the data they generate are transforming our world right before our eyes. In this rush to adopt these new technologies, organizations are often ignoring fundamental questions concerning who owns the data and failing to ask for permission to conduct invasive surveillance of their customers. Organizations that are not transparent about how their systems gather data telemetry without offering shared data ownership risk product rejection, regu...
René Bostic is the Technical VP of the IBM Cloud Unit in North America. Enjoying her career with IBM during the modern millennial technological era, she is an expert in cloud computing, DevOps and emerging cloud technologies such as Blockchain. Her strengths and core competencies include a proven record of accomplishments in consensus building at all levels to assess, plan, and implement enterprise and cloud computing solutions. René is a member of the Society of Women Engineers (SWE) and a m...
Poor data quality and analytics drive down business value. In fact, Gartner estimated that the average financial impact of poor data quality on organizations is $9.7 million per year. But bad data is much more than a cost center. By eroding trust in information, analytics and the business decisions based on these, it is a serious impediment to digital transformation.
Digital Transformation: Preparing Cloud & IoT Security for the Age of Artificial Intelligence. As automation and artificial intelligence (AI) power solution development and delivery, many businesses need to build backend cloud capabilities. Well-poised organizations, marketing smart devices with AI and BlockChain capabilities prepare to refine compliance and regulatory capabilities in 2018. Volumes of health, financial, technical and privacy data, along with tightening compliance requirements by...
Predicting the future has never been more challenging - not because of the lack of data but because of the flood of ungoverned and risk laden information. Microsoft states that 2.5 exabytes of data are created every day. Expectations and reliance on data are being pushed to the limits, as demands around hybrid options continue to grow.
Digital Transformation and Disruption, Amazon Style - What You Can Learn. Chris Kocher is a co-founder of Grey Heron, a management and strategic marketing consulting firm. He has 25+ years in both strategic and hands-on operating experience helping executives and investors build revenues and shareholder value. He has consulted with over 130 companies on innovating with new business models, product strategies and monetization. Chris has held management positions at HP and Symantec in addition to ...
Enterprises have taken advantage of IoT to achieve important revenue and cost advantages. What is less apparent is how incumbent enterprises operating at scale have, following success with IoT, built analytic, operations management and software development capabilities - ranging from autonomous vehicles to manageable robotics installations. They have embraced these capabilities as if they were Silicon Valley startups.
As IoT continues to increase momentum, so does the associated risk. Secure Device Lifecycle Management (DLM) is ranked as one of the most important technology areas of IoT. Driving this trend is the realization that secure support for IoT devices provides companies the ability to deliver high-quality, reliable, secure offerings faster, create new revenue streams, and reduce support costs, all while building a competitive advantage in their markets. In this session, we will use customer use cases...