5 MORE reasons why Security Operations Organizations are ineffective

HP revealed in the State of Security Operations 2014 report that 24% of assessed organizations did not meet the minimum requirements to provide consistent security monitoring.

 

In my previous blog, I listed the top 5 mistakes security operations organizations are making.  Here are an additional 5 mistakes as observed by our security intelligence and operations consulting (SIOC) group.

 

View mistakes #1-5 here.

 

#6 - Set it and forget it- Organizations often spend a lot of resources building up a security operations capability but focus drops after the first goals are achieved.  Continuity of focus must continue as a SOC ages in order to ensure effectiveness overtime.

 

#7 - Advanced use cases not effectively operationalized - Advanced use cases are great...if you can tie them into your business processes to achieve the full benefit. Breakdowns in communication between engineering teams that create the system content and analysis teams who are expected to use the content will cause use cases to be ineffective.

 

#8 - Lack of flexibility - Inflexible organizations will not be able to keep up with ever-evolving threats. Some areas of security operations should be rigid, repeatable, and measured while other areas should be flexible, adaptable, and nimble.

 

#9 - Inability to prioritize- It is difficult and costly to protect an entire organization.  A successful SOC requires clear priorities determined by a risk-based approach.

 

#10 - Not learning from others - Informal and formal communities are being developed to help organizations share threat information and indicators of compromise (IOCs). SOCs that are not taking advantage of these communities will miss out on additional risk reduction for their organization.

 

Download the full report: hp.com/go/StateOfSecOps

 

HP recommends organizations have a 3rd party security operations assessment performed once a year to benchmark current capabilities, ensure risk reduction is achieved by the organization and to show ROI on security investments.  Click here to learn more .

Leave a Comment

We encourage you to share your comments on this post. Comments are moderated and will be reviewed
and posted as promptly as possible during regular business hours

To ensure your comment is published, be sure to follow the Community Guidelines.

Be sure to enter a unique name. You can't reuse a name that's already in use.
Be sure to enter a unique email address. You can't reuse an email address that's already in use.
Type the characters you see in the picture above.Type the words you hear.
Search
Showing results for 
Search instead for 
Do you mean 
About the Author


Follow Us
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation