Survey: Automated Threat Detection Highly Desirable to Security Analysts
FireEye, a Milpitas, California-based security company, has released the results of a recent survey indicating that security analysts are becoming less productive due to widespread “alert fatigue” resulting in ignored alerts, increased stress, and fear of missing incidents.
According to the brief entitled “The Voice of the Analysts: Improving Security Operations Center Processes Through Adapted Technologies,” security analysts continue to feel the pressure of increased alerts, spending almost half their time on false positives. While analysts and IT security managers receive thousands of alerts every day, respondents indicated 45 percent of the alerts are false positives, making in-house analysts’ jobs less efficient and slowing workflow processes. To manage alert overload in the SOC, 35 percent of this group said that they ignore alerts.
MSSPs spend even more time sifting through false positives. MSSP analysts indicated that fifty-three percent of the alerts they receive are false positives. Meanwhile, 44 percent of analysts at managed service providers said they ignore alerts when their queue gets too full, which could lead to a breach involving multiple clients.
As analysts experience more challenges managing alerts manually, their worry about missing an incident also increases: three in four analysts are worried about missing incidents, and one in four worry “a lot” about missing incidents.
Respondents shared the top tools they use to investigate alerts, showing that fewer than half use artificial intelligence and machine learning technologies (43 percent), Security Orchestration Automation and Response (SOAR) tools (46 percent), Security Information and Event Management (SIEM) software (45 percent), Threat Hunting (45 percent), and other security functions. In addition, only two in five analysts use artificial intelligence and machine learning technologies alongside other tools.
The company further reports that 350 internal and managed security service provider (MSSP) security analysts and managers were surveyed in the research conducted in cooperation with Framingham, Massachusetts-based IDC.
The survey details respondents’ desire to manage growing alert fatigue amid a flood of false-positive alerts.
Verizon Business Expands Cisco Relationship with SD WAN Managed Service Offers
Verizon Business announced the expansion of its long-standing strategic partnership with Cisco, through the addition of three new SD WAN managed services offerings.
“Global enterprises are taking a hard look at their digital transformation agendas to find ways to win coming off one of the more challenging years in recent history,” said Aamir Hussain, Senior Vice President of Business Products at Verizon Business. “These new services reflect the significant ongoing joint Cisco and Verizon research and development investments which aim to help customers accelerate change.”
The expanded solution includes co-managed Cisco SD WAN powered by Viptela that provides customers the option to control and self-manage SD WAN security and application policies in conjunction with Verizon managed service support for fault, performance, and configuration management. It also includes Managed SD WAN powered by Viptela for the Cisco ISR1100 Series platform for smaller branch office deployments.
Verizon has also added a new capability for management of the Cisco Meraki MV smart cameras to help enable faster deployment, management, and troubleshooting from a single pane of glass.
“Our strategic relationship with Verizon continues to create value for businesses supporting a growing distributed mobile workforce and the accelerated adoption of cloud services,” said Scott Harrell, Senior Vice President and General Manager of Cisco’s Intent-Based Networking Group. “As businesses modernize their networks to enable the best user application experiences, Verizon’s new Cisco SD WAN managed services can help them quickly and easily transition to SD WAN with flexible options to help deliver business agility and secure connectivity to applications across multiple clouds.”
This expansion provides enterprise businesses with an extensive global footprint, access to new solutions and capabilities, as well as management and policy administration.
Protegrity Launches Partner Network for AI, Analytics, and Cloud
Protegrity, a Salt Lake City company specializing in data security, has launched the Protegrity Partner Network, which is intended to empower technology organizations, systems integrators, and value-added resellers (VARs) to deliver Protegrity’s data protection solutions to joint customers, supporting privacy, advanced analytics, AI and machine learning, and cloud initiatives.
“As a foundational pillar in Protegrity’s business transformation and growth strategy, the new Protegrity Partner Network is an important step toward achieving our mission to secure the world’s most sensitive data by delivering advanced data protection,” said Protegrity President and CEO Rick Farnell. “At the core of our partnership strategy is neutrality, enabling us to empower more organizations to discover new uses of sensitive data and drive business excellence.”
The tiered program offers benefits that include sales/implementation support, a partner portal, virtual training, certifications, product updates, protection platform access, a named alliance manager, a named marketing contact, joint branding tools, dedicated alliance management, marketing and support contacts, discounted event sponsorship, one-on-one product briefings, an advisory board seat, and joint business planning.
Service Partners can refer new business or become eligible to resell the Protegrity platform. Technology Partners, such as independent software vendors (ISVs) and large cloud hyperscalers, receive access to the Protegrity Data Protection Platform to develop custom software integrations, eliminating friction for customers when implementing joint solutions.
As more businesses become data-driven, companies are looking to secure their mission-critical AI, analytics, and cloud initiatives. The new program is intended to address the increased demand for advanced data security solutions by equipping partners with the necessary tools.