Cybersecurity In-Depth: Feature articles on security strategy, latest trends, and people to know.

Tips for Modernizing SecOps Teams

Dark Reading's special report looks at ways security operations teams can improve their efficiency and effectiveness to address the latest threats.

Evan Schuman, Contributing Writer

December 13, 2023

2 Min Read
Source: Dark Reading, Informa Tech

The security operations center is the enterprise's first line of defense against an active attack. It is also the base of all security operations, as the team sifts through threat intelligence, logs, and activity reports from within the enterprise as well as key partners.

Despite the critical nature of their work, many SecOps teams are underfunded and understaffed. It isn't unusual to find them working with antiquated tools and outdated data. 

Dark Reading's special report "Key Elements Enterprises Needs to Include in Modern SecOps" considers ways to invest in SecOps teams to give them the tools to manage systems, unlock threat detection, and master data collection — all necessary for defending the enterprise against the latest wave of advanced and complex threats.

Today's enterprise SecOps centers are both massively distributed and highly localized. An enterprise often has more than a dozen authorized global cloud providers — on top of an untold number of shadow IT cloud deployments. Some of these clouds are designed to work with others, but many are not.

Complexity is one of the biggest challenges facing the SOC, says Steve Winterfeld, the advisory CISO at Akamai.

"When I became a CISO, I didn't realize how much time would be consumed with vendor management," Winterfeld says. “But having a large number of security capabilities can lead to multiple issues. You have one engineer trying to maintain and optimize multiple systems, so none of them are up to date. Next you have one analyst trying to respond to feeds from multiple systems and, in some cases, multiple dashboards. This leads to missed alerts that could have prevented an incident from becoming a major crisis."

Read "Key Elements Enterprises Needs to Include in Modern SecOps" to learn the best strategies for selecting and managing security tools, as well as embedding automation through the operations. Within the lengthy list of things that SecOps teams have to do, there are also several tweaks and small fixes they can apply to make operations more effective and efficient.  

About the Author(s)

Evan Schuman

Evan Schuman

Contributing Writer, Dark Reading

Evan Schuman has tracked cybersecurity issues for enterprise B2B audiences for far longer than he will admit. His byline has appeared in The New York Times, Associated Press, Reuters, SCMagazine/SCMedia, VentureBeat, TechCrunch, eWEEK, Computerworld, and various other technology titles. He's been quoted on security issues in The Wall Street Journal, The Washington Post, Time, American Banker, BusinessWeek, Ars Technica, The Register, CNN, CBSNews.com, USA Today, Boston Globe, Los Angeles Times, Wired, Consumer Reports, and U.S. News & World Report, among others. He is the founding editor for StorefrontBacktalk, and he has consulted on cybersecurity content issues for McKinsey, Wipro, Microsoft, Capital One, BlackBerry, Harvard Business Review, and MIT. Evan has also repeatedly guest lectured on cybersecurity issues for graduate classes at Columbia University and New York University. He can be reached at [email protected], and he's active on Bluesky and Threads.

See more from Evan Schuman
Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
Subscribe

You May Also Like

More Insights
Webinars
More Webinars
Events
More Events
Latest Articles in The Edge
Read More The Edge