Progress announced the Q4 2024 release of its award-winning Progress® Telerik® and Progress® Kendo UI® component libraries.
Despite the volume of cybersecurity threats rising, the fifth annual State of Security Operations Report 2018 from Micro Focus indicates that more mature Security Operational Centers (SOCs) are becoming more efficient in detection with greater ability to recover from breaches than ever before.
While the report reflects positive momentum in organizations adopting and deploying security solutions, it also indicates that 20% of the cyber defense organizations assessed over the past five years failed to score a Security Operations Maturity Model (SOMM) level 1, which according to the model translates to a complete lack of capability. These organizations continue to operate in an ad-hoc manner with undocumented processes and significant cracks in security and risk management.
“Over the last five years, we have watched organizations attempt to achieve a complete security transformation by applying Band-Aids – such as the purchase of peripheral products or dismantling of solutions – only to find poor results and poor business alignment,” said Matthew Shriner, VP, Security Professional Services for Micro Focus. “With that in mind, it is refreshing that when it comes to cyber defense capability, Micro Focus is seeing a much higher degree of operational sophistication than ever before. Nearly 25% of organizations assessed are meeting business goals, representing a nearly 10% year-over-year improvement.”
Each SOC is measured on the Micro Focus SOMM scale that evaluates the people and processes, technology, and business capabilities. According to the report, organizations are beginning to see a return on their security investments and are seeing more value out of the security solutions they have deployed, reporting an average 8% improvement across people and processes, the two dimensions measured that have historically struggled most.
Key observations include:
■ SOCs are quickly shifting to co-managed operations. This approach has allowed cyber defense programs to overcome the greatest challenge: a global shortage of cyber security talent. By setting up an operational relationship with a partner that includes regular interactions, SOC leaders can narrowly focus on the assets they want to protect and work with the partner operationally to perform the technology integration to make it happen.
■ SOCs running short on personnel are adopting security orchestration, automation, and response (SOAR) solutions. Organizations are investing in automating security incident investigation and management toolsets, and with deliberate implementation goals in mind, are experiencing positive results. The concept is sound, yet adoption is slow due to operational knowledge gaps.
■ Private sector organizations are systematically investing in the development of fusion centers. In its initial form, fusion centers took the “One SOC to Rule Them All” approach. This model continues to serve decentralized organizations well along with those that have grown quickly through M&A activity. Over the past year, fusion centers have evolved into combined disciplines that most organizations would deliberately separate in the past. The new form includes fusion centers that are preparing to combine data security monitoring & incident response and compliance reporting for GDPR.
■ The use of deception grids and impact on operations maturity has increased over the last year. It is because of the shift in the economy of an attack that deception grid solutions can be very attractive. Misinformation about target systems can alter the findings of scripted reconnaissance and cause attackers to deploy resources that are ineffective on the target system. Organizations are also starting to learn much about the attacker and the target of their campaign by analyzing the behavior of the attacker in the deception-oriented environment.
Methodology: The Micro Focus State of Security Operations Report provides deep analysis on the effectiveness of organizations’ SOCs and best practices for mitigating risk in the evolving cybersecurity landscape. Over the last five years, Micro Focus has shared findings from 200 assessments of 144 discreet SOC organizations in 33 countries. It includes organizations in the public and private sectors, enterprises across all industry verticals, as well as managed security service providers. This is the largest available dataset to draw conclusions about the state of cyber defense and enterprise security operations around the globe.
The methodology for assessments is based on the Micro Focus (formerly HPE) Security Operations Maturity Model (SOMM), which focuses on multiple aspects of a successful and mature security intelligence and monitoring capability including people, process, technology, and business functions. The SOMM uses a five-point scale – a score of “0” is given for a complete lack of capability while a “5” is given for a capability that is consistent, repeatable, documented, measured, tracked, and continually improved upon. The ideal composite maturity score for a modern enterprise is “3”, while managed security service providers (MSSPs) should target a maturity level between “3” and “4”. The reliable detection of malicious activity and threats to the organization, and a systematic approach to manage those threats are the most important success criteria for a mature cyber defense capability.
Industry News
Check Point® Software Technologies Ltd. has been recognized as a Leader and Fast Mover in the latest GigaOm Radar Report for Cloud-Native Application Protection Platforms (CNAPPs).
Spectro Cloud, provider of the award-winning Palette Edge™ Kubernetes management platform, announced a new integrated edge in a box solution featuring the Hewlett Packard Enterprise (HPE) ProLiant DL145 Gen11 server to help organizations deploy, secure, and manage demanding applications for diverse edge locations.
Red Hat announced the availability of Red Hat JBoss Enterprise Application Platform (JBoss EAP) 8 on Microsoft Azure.
Launchable by CloudBees is now available on AWS Marketplace, a digital catalog with thousands of software listings from independent software vendors that make it easy to find, test, buy, and deploy software that runs on Amazon Web Services (AWS).
Kong closed a $175 million in up-round Series E financing, with a mix of primary and secondary transactions at a $2 billion valuation.
Tricentis announced that GTCR, a private equity firm, has signed a definitive agreement to invest $1.33 billion in the company, valuing the enterprise at $4.5 billion and further fueling Tricentis for future growth and innovation.
Check Point® Software Technologies Ltd. announced the new Check Point Quantum Firewall Software R82 (R82) and additional innovations for the Infinity Platform.
Sonatype and OpenText are partnering to offer a single integrated solution that combines open-source and custom code security, making finding and fixing vulnerabilities faster than ever.
Red Hat announced an extended collaboration with Microsoft to streamline and scale artificial intelligence (AI) and generative AI (gen AI) deployments in the cloud.
Endor Labs announced that Microsoft has natively integrated its advanced SCA capabilities within Microsoft Defender for Cloud, a Cloud-Native Application Protection Platform (CNAPP).
Progress announced new powerful capabilities and enhancements in the latest release of Progress® Sitefinity®.
Red Hat announced the general availability of Red Hat Enterprise Linux 9.5, the latest version of the enterprise Linux platform.
Securiti announced a new solution - Security for AI Copilots in SaaS apps.
Spectro Cloud completed a $75 million Series C funding round led by Growth Equity at Goldman Sachs Alternatives with participation from existing Spectro Cloud investors.