ESG research finds a complex attack surface and threat landscape make alerts too overwhelming to monitor accurately

Joan Goodchild, Contributing Writer, Contributing Writer

May 14, 2021

2 Min Read

Cybersecurity analytics and operations is more difficult today than it was 2 years ago, according to a recent survey of security professionals conducted by Enterprise Strategy Group (ESG).

The research finds some of the top reasons why security teams struggle more now include:

  • The threat landscape is evolving and changing rapidly: 41%

  • We collect and process more security data than we did two years ago: 35%

  • The volume of security alerts has increased over the past two years: 34%

  • The attack surface has grown over the past two years: 30%

As the attack surface and threat landscape grow more complex, security teams say alerts in the security operations center (SOC), generated from many disparate security controls, have also become complicated and difficult to monitor.

Survey respondents listed their top three challenges with alerts as:

  • Filtering the nose out of alerts so we can focus on the right signals: 38%

  • Scaling to collect, process, and analyze the growing volume of security data: 37%

  • Collecting, processing, and contextualizing threat intelligence data: 36%

Many organizations are exploring extended detection and response (XDR) to help detect complex attacks. XDR is an integrated suite of security products spanning hybrid IT architectures designed to coordinate on threat prevention, detection, and response. The tech is meant to unify control points, security telemetry, analytics, and operations into one enterprise system.

ESG reports those who are interested in XDR find the following capabilities most appealing:

  • Simplified visualization of complex attacks and understanding how they progress across a kill chain: 42%

  • Advanced analytics that can detect and identify modern, sophisticated attacks: 38%

Dave Gruber, senior analyst with ESG, examines the XDR market and the technology's potential in SOCs in a recent Dark Reading webinar Making XDR Work in Your Enterprise.

The webinar's discussion centers on how XDR applies to real-life environments and scenarios, and how it works with, and independently from, other tools. It also touches on common challenges with deployment of XDR solutions.

The webinar can be accessed here.

About the Author(s)

Joan Goodchild, Contributing Writer

Joan Goodchild, Contributing Writer

Contributing Writer, Dark Reading

Joan Goodchild is a veteran journalist, editor, and writer who has been covering security for more than a decade. She has written for several publications and previously served as editor-in-chief for CSO Online.

See more from Joan Goodchild, Contributing Writer
Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
Subscribe

You May Also Like

More Insights
Webinars
More Webinars
Events
More Events

Editor's Choice

Mitre company logo
Cyberattacks & Data Breaches
Top MITRE ATT&CK Techniques and How to Defend Against ThemTop MITRE ATT&CK Techniques and How to Defend Against Them
byNate Nelson, Contributing Writer
Apr 10, 2024
4 Min Read
A medical professional wearing scrub attire clicking on a screen in front of her
Cyberattacks & Data Breaches
Round 2: Change Healthcare Targeted in Second Ransomware AttackRound 2: Change Healthcare Targeted in Second Ransomware Attack
byDark Reading Staff
Apr 8, 2024
2 Min Read
A magnifying glass being held up in front of the apple logo
Vulnerabilities & Threats
Apple Warns Users in 150 Countries of Mercenary Spyware AttacksApple Warns Users Targeted by Mercenary Spyware
byDark Reading Staff
Apr 11, 2024
1 Min Read
Reports
More Reports
White Papers
More Whitepapers
Events
More Events