Protect Your Assets

5 MORE reasons why Security Operations Organizations are ineffective

‎02-03-2014 08:29 AM - edited ‎06-09-2015 11:34 AM

HP revealed in the State of Security Operations 2014 report that 24% of assessed organizations did not meet the minimum requirements to provide consistent security monitoring.

 

In my previous blog, I listed the top 5 mistakes security operations organizations are making.  Here are an additional 5 mistakes as observed by our security intelligence and operations consulting (SIOC) group.

 

View mistakes #1-5 here.

 

#6 - Set it and forget it - Organizations often spend a lot of resources building up a security operations capability, but focus drops after the first goals are achieved. Focus must be sustained as a SOC ages in order to ensure effectiveness over time.

 

#7 - Advanced use cases not effectively operationalized - Advanced use cases are great...if you can tie them into your business processes to achieve the full benefit. Breakdowns in communication between engineering teams that create the system content and analysis teams who are expected to use the content will cause use cases to be ineffective.

 

#8 - Lack of flexibility - Inflexible organizations will not be able to keep up with ever-evolving threats. Some areas of security operations should be rigid, repeatable, and measured while other areas should be flexible, adaptable, and nimble.

 

#9 - Inability to prioritize - It is difficult and costly to protect an entire organization. A successful SOC requires clear priorities determined by a risk-based approach.

 

#10 - Not learning from others - Informal and formal communities are being developed to help organizations share threat information and indicators of compromise (IOCs). SOCs that are not taking advantage of these communities will miss out on additional risk reduction for their organization.

 

Download the full report: hp.com/go/StateOfSecOps

 

HP recommends organizations have a third-party security operations assessment performed once a year to benchmark current capabilities, ensure risk reduction is achieved by the organization, and show ROI on security investments. Click here to learn more.

About the Author

Kerry_Matre
