Security Automation Saves Money, Time and Work - PowerPoint PPT Presentation

Description:

When SOC analysts spend less time triaging individual alerts and more time on the matters that truly require their attention, your SOC can enjoy an 80% case reduction. Even incident response can become much quicker, more effective, and more responsive.

Slides: 13
Provided by: Siemplify

Transcript and Presenter's Notes


1
Security Automation
  • Saves Money, Time and Work

2
Introduction
  • The evolving threat landscape just gets more
    complex and brutal as time goes on. Targeted
    threats abound, such as advanced persistent threat
    campaigns, cyberwarfare, distributed denial of
    service attacks, and spearphishing. Meanwhile,
    zero-day vulnerabilities and exploits continue to
    be frequent occurrences. It's a hostile cyber
    world out there, and it's easy for organizations
    and enterprises to get overwhelmed.

3
Security Operation
  • What if there was a solution that could be
    deployed that could cut down on the tedium that
    SOC analysts deal with? The right security
    automation tool can reduce your cases by 80%.
  • Maintaining security operations is absolutely
    essential, as preventing incidents is a lot less
    expensive than responding to them. If you conduct
    operations manually, that expense is not only
    monetary in value but also wasted time.

4
Improving Efficiency of SOC
  • False positive alerts are one of the biggest,
    most expensive problems faced by security
    operations. According to a Ponemon Institute
    study, organizations spend an average of nearly
    21,000 labor hours per year dealing with false
    positive and false negative alerts, wasting about
    $1.3 million per year on inaccurate intelligence.
    An organization typically gets about 17,000
    security alerts per week; over 80 percent of
    those are false, and only four percent are
    actually investigated.

5
Security Operation Survey
  • As noted in a recent blog post, the SANS
    Institute found in its 2018 Security Operations
    Survey that just slightly over half of SOCs
    provide metrics that can be useful in tracking
    the status and efficacy of their performance.
    Metrics that are particularly useful, such as the
    mean time to detect (MTTD) and mean time to
    respond (MTTR), are complex to the degree that
    they oftentimes limit SOCs' ability to request
    further funding necessary for maximizing their
    performance against those metrics, thereby
    creating a catch-22.

6
Security Analyst & Their Analysis
  • Good logging, effective IDS, and a properly
    configured SIEM with well-designed correlation
    rules can go a long way to decrease the volume of
    false positives. But you can reduce the
    distraction of false positives even further,
    thereby saving money, maximizing productivity,
    and allowing your analysts to spend more effort
    on what absolutely requires analysis from a human
    being.

7
Maximize Security Analyst Investment
  • The key is to implement more widely integrated
    and effective security automation. The right
    security automation platform reduces the amount
    of time and effort human security professionals
    have to spend engaging in tedious tasks. It also
    consists of an open and flexible architecture
    that allows for third-party integrations across
    an existing security infrastructure. With such a
    platform in place, infosec personnel can then
    commit more time to activities that require their
    specialized experience, training, and know-how.

8
SOAR Solutions
  • According to Indeed, the average annual salary
    for a SOC analyst in the United States is
    $83,910. That's not specifically for a market
    where cybersecurity professionals are higher
    paid, such as the San Francisco Bay Area,
    Seattle, or New York City. That's an average for
    all of the United States. Also, that doesn't
    include benefits, including expensive private
    health insurance. Plus, no one is at peak
    efficiency when they start a job because there's
    always a learning curve related to a role in a
    particular company, which is always unique. It'll
    usually take a few months in a role for a new
    employee to be really adept at their job.

9
CyberSecurity Automation
  • Why go through the extra expense and hassle of
    having to hire additional analysts when the right
    SOAR solution can make the analysts you already
    have able to do a lot more? This is just one of
    many ways that security automation can not only
    improve your organization's overall
    cybersecurity, but also start saving you money
    right away.

10
Analyze CyberSecurity
  • Security automation can be integrated with your
    SIEM and intrusion detection systems. When a
    possible threat is detected, instead of
    immediately being sent to a security professional
    in the form of an alert, AI will analyze it and
    determine whether an SOC analyst needs to compare
    it against their existing threat intel to figure
    out what they're looking at and determine its
    importance.
  • Advanced AI can analyze threat alerts with
    remarkable accuracy. Machine learning can make
    the whole security automation system smarter as
    the cyber threat landscape evolves.

11
Invest your SOC Analysts
  • When SOC analysts spend less time triaging
    individual alerts and more time on the matters
    that truly require their attention, your SOC can
    enjoy an 80% case reduction. Even incident
    response can become much quicker, more effective,
    and more responsive.
  • SOAR (security automation and response) works
    with SIEM like peanut butter does with jelly. As
    cyber threats evolve beyond 2018, good SOAR will
    become an absolute must, thereby allowing SOCs to
    become a lot more efficient and effective. MSSPs
    monitor the security of many different clients
    simultaneously, so the benefits of SOAR are both
    exponential and cumulative.

12
Conclusion
  • Good security automation yields impressive
    returns. With it, Siemplify has found your SOC
    can enjoy a 300% increase in caseload capacity.
    That's done not by hiring more staff but by
    increasing SOC analyst productivity through
    standardized playbooks and workflows and
    automation of tedious tasks.