State of Cyber Security – HP Enterprise Report

Pathlock
July 7, 2016

A new report from Hewlett Packard Enterprise, State of Security Operations 2016, finds a year-over-year decline in overall security operations center (SOC) maturity. Why the decline in maturity? The problem is a lack of focus in IT organizations, which treat the SOC as a project rather than as an ongoing process and a data-driven organization. The SOC cannot be oriented to just “responding” to security issues with an ad hoc approach. It needs to provide more insight into the cyber-risk posture and operate in a proactive rather than a reactive fashion. This report should give IT security professionals reason to adapt and change their operational approach so that the business is not impeded from adopting new technologies such as the Internet of Things (IoT), cloud and mobile.

Some key points in the report:
  • The average SOC lacks basic security monitoring capabilities. Only 24% of organizations met the minimum requirements to provide security monitoring.
  • 85% of organizations are not achieving the recommended security operations maturity levels—even lower than last year’s findings.
  • Security operations people skills and effective processes are lagging, with 25% of organizations operating in an ad hoc fashion with undocumented processes. This is impacting the length of time it takes to identify and remediate issues.
  • The “we’ve already been breached” way of thinking is changing how some IT security teams approach the problem by embracing big data security analytics solutions.
  • 25% of cyber defense organizations failed to score a security operations maturity model (SOMM) level 1 and just 15% of assessed organizations have achieved the ideal composite maturity score of level 3.
  • Organizations in industries that have numerous industry mandates and compliance regulations, such as financial services, are scoring below the median score for a “managed” environment.
  • Organizations where the SOC is part of the IT operations group typically lack effective security monitoring and mitigation capabilities due to conflicting priorities with a focus on IT service availability and performance optimization.