Defenders Of The Cybersecurity Command Centre  

Uploaded on 2023-10-31 in TECHNOLOGY--Resilience, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Imagine an email arrives in the inbox of an employee at a large organisation. The subject line is urgent, and the source appears legitimate. After opening the email and clicking on the link, malware is released onto their computer. This malware spreads across the company network, disrupting operations and stealing information - the company has been hacked. 

When a cyber attack happens, the security operations (SecOps) team immediately jumps into action. From assessing the scale of the incident, isolating the infected systems, and eradicating the threat at the source - they are the lynchpin around which robust digital defence unfolds.

As the cybercriminal ecosystem continues to evolve and become more sophisticated, SecOps teams need to be prepared and implement the right strategies to protect the business. 

The pressure to defend cyberthreats has continued to grow exponentially in recent years, from both an operational and financial standpoint. In fact, cyberattacks are on track to cause over 10 trillion dollars’ worth of damage a year by 2025. 

The SecOps teams serves as the frontline, protecting the digital fortress from the myriad of tools available to threat actors. Tools like extended detection and response (XDR) can be integrated to build on existing solutions – enhancing the organisation’s cybersecurity stance and strengthening the command centre.

Challenges faced by SecOps team    

SecOps teams face challenges hindering them from protecting their organisations. For instance, internal failures - such as employee error, insider threats or poor cyber hygiene - represent a significant obstacle that businesses face when ensuring cyber resilience.  Our research found that employee error, like accidently downloading compromised files or clicking malicious URLs, directly led to 45% of breaches in 2022. This is why it is imperative that employees practice vigilance. 

Another challenge that organisations face is the uphill battle to hire talent with the right cyber skills. This has added even more pressure for individuals on the front line of cyber defence, leading to businesses becoming vulnerable to cyber risk. Understaffed security teams are often stretched thin and are tasked with managing the organisation’s entire ecosystems which can be daunting.   
 
According to UK CISOs, 96% say they need better solutions for their organisations to be more cyber resilient. Integrating the right technology stack is vital to protecting an organisation from cyberattacks yet SecOps teams are struggling to find the right processes and tools to detect and respond to emerging threats quickly.   

Wielding The Right Technology Arsenal 

Investing in effective cyber arsenal – or technology – is vital in aiding against threats successfully. 94% of UK CISOs agree that having the right technology in place would significantly improve the time it takes to respond to emerging threats. However, many organisations find themselves in a state of technological debt. This is where they may have invested in the hyped technology stack rather than the right tool and are now stuck with a solution that will accrue further costs in the long run.

One thing is clear: adding more and more tools results in a disparate mix and a siloed and confused security infrastructure - a lose-lose situation. In addition, when a cyber-attack occurs, the chances of getting the entire SecOps team in one room is extremely low.

This is because SecOps teams are often made up of experts from various locations and in different fields, such as firewall, web email, and endpoint security. They may also be busy working on other projects. As a result, by the time it takes to get everyone together to assess the situation, the damage to the system may already have been done.

This is where XDR comes in as a critical component to any cybersecurity command centre as it offers a way to simplify cybersecurity by consolidating endpoint, email, network, data, and cloud protection into a single platform. It allows SecOps teams to establish a more robust and comprehensive view of their organisation’s attack surface with an advantage of staying ahead of adversaries. 

With the right technology, the SecOps teams are equipped with the necessary tools to effectively detect, respond and remediate threats.  

How Organisations Can Remain Cyber Resilient 

The cybersecurity landscape is more fraught than ever, and businesses need to bolster their reactive and proactive cyber defences to succeed. 

Aside from investing in security software, the simplest step organisations can take to mitigate threats is to back up data. By saving copies of critical files to the cloud, for example, organisations can recover files without the risk of losing information and succumbing to threats. 

In tandem with this, organisations should implement a two-pronged approach to ensure their SecOps teams remain cyber resilient. Firstly, training will ensure that teams are at the cutting edge of cybersecurity knowledge and are equipped to respond to threats. Secondly, businesses should look to hire security talent from a diverse range of backgrounds. After all, as cyber attacks evolve, new methods of defence will be needed to protect organisations and diversity of thought will become a critical tool. 

As organisations embrace the evolving cybersecurity landscape, they’re investing more in methods to defend against sophisticated cybercriminals. However, for many, every new attack method can feel like another struggle.

With a combination of the right technologies, talent and tactics, SecOps teams will be well equipped to mitigates cyber threats from their command cent

Fabien Rech is Senior VP & GM EMEA of Trellix

image: iAmMrRoB

You Might Also Read: 

A Perfect Storm For Cybercrime:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Balancing China’s Role In The UK’s AI Agenda
The Criminal Use Of AI Is Increasing  »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Lantronix

Lantronix

Lantronix is a global provider of secure data access and management solutions for Internet of Things (IoT) and information technology assets.

Massive Alliance

Massive Alliance

Massive is a global service agency providing internet monitoring, data & security threat surveillance and reputation management.

NowSecure

NowSecure

NowSecure are the experts in mobile app security testing software and services.

Codified Security

Codified Security

Codified is a testing platform for mobile application software. We make it easier than ever for companies to detect and fix security vulnerabilities and ensure their applications are compliant.

Sqreen

Sqreen

Sqreen is a web application security monitoring and protection solution helping companies protect their apps and users from attacks.

Swedish Board for Accreditation and Conformity Assessment (SWEDAC)

Swedish Board for Accreditation and Conformity Assessment (SWEDAC)

SWEDAC is the national accreditation body for Sweden. The directory of members provides details of organisations offering certification services for ISO 27001.

Zamna

Zamna

Zamna (formerly VChain Technology) is an award-winning software company building GDPR compliant identity platforms for the aviation industry.

African Cyber Security

African Cyber Security

African Cyber Security and it's partners, have the expertise and skills to provide holistic solutions for companies, institutions and government.

Beauceron Security

Beauceron Security

Beauceron's cloud-based platform gives employees a powerful personal cyber-risk coach empowering them to improve their cybersecurity practices and behaviours.

Axis Security

Axis Security

Axis Security technologies transform open networks and vulnerable applications into fully protected resources that the business can trust.

Aligned Technology Solutions (ATS)

Aligned Technology Solutions (ATS)

ATS manage, monitor, and maintain everything from your network and servers to your workstations and mobile devices, and we do it proactively to eliminate downtime and keep hackers at bay.

ANY.RUN

ANY.RUN

ANY.RUN is an interactive online malware analysis service created for dynamic as well as static research of multiple types of cyber threats.

Camelot Secure

Camelot Secure

Camelot Secure Secure360 platform is a holistic redefinition of what world-class cybersecurity strategies can be. Prepare. Protect. Deploy.

Mogwai Labs

Mogwai Labs

Mogwai Labs deliver cutting-edge penetration tests, security assessments and trainings, to safeguard your applications, networks and cloud environments from cyber threats.

CIS Secure

CIS Secure

CIS Secure is an innovator, integrator and expert advisor supporting the broadest portfolio of powerful, mission-specific C5ISR communications and cybersecurity solutions.

Astra Cybertech

Astra Cybertech

At Astra Cybertech, we're more than just cybersecurity experts - we're your partners in safeguarding your digital assets.