Category Archives: Cloud Adoption

How to use the cloud to improve your technology training

Anyone who has tried to hire an IT expert knows that the shortage of qualified people is real. We’re not just talking about IT security jobs, either. Almost every area of tech faces a skills shortage that threatens to sap productivity and presents challenges to IT departments of all sizes. Informal on-the-job training has been the norm for most IT teams. However, the rise of cyberthreats and the pace at which they arise leave companies …

The post How to use the cloud to improve your technology training appeared first on Help Net Security.

What’s On the Horizon for SIEM Technology? Five Upcoming Innovations in Security Analytics

All solutions evolve over time as new technologies are introduced and market shifts occur — and security information and event management (SIEM) is no exception. The most recent changes in SIEM technology are driven by increased cloud adoption, the limited availability of IT talent and mounting regulatory pressure, as well as the growing variety and sophistication of cyberthreats.

What do these changes mean for the future of SIEM technology? Let’s take a step back and consider five significant shifts we expect to see over the next few years.

1. SIEM Will Shift From On-Premises to the Cloud

SIEM will be as relevant to software-as-a-service (SaaS) and cloud systems as it is to on-premises environments. SIEM’s original purpose was to help organizations correlate multiple security telemetry sources to generate a prioritized risk and threat view and provide a single pane of glass for investigations.

The same will be true in the future, except those on-premises sources will eventually be replaced by multiple cloud and SaaS sources.

2. SIEM Technology Will Become the Foundation of Security Analytics

Machine learning and behavioral analytics will become increasingly important, but they won’t replace rules. A security operations center (SOC) must detect both known and unknown threats.

Using rules and signatures is the fastest and most accurate way to detect known threats, but this strategy is not always effective for identifying unknown threats. It also requires many core data pre-processing steps, such as management, interpretation, curation and enrichment. As a result, SIEM technology will become the foundational layer of all security-analytics solutions.

3. AI Will Relieve Overworked Analysts

Artificial intelligence (AI)-powered analytics that investigate and determine the root cause of existing anomalies — as opposed to solutions that generate new alerts and anomalies — will emerge in the marketplace and become essential tools for both full-scale and ad-hoc investigations. AI analytics will not replace existing rules or machine learning anomaly detection algorithms, since these are essential to help analysts detect potential threat signals.

But these signals must be investigated, and many SOCs lack the workforce to do so. AI tools can conduct automated investigations, drive intelligence orchestration and remediation, and act as a force multiplier to make the security team more productive.

4. Cloud Will Make Security Analytics More Consumable

The majority of SIEM — and, therefore, security analytics — will be consumed from the cloud. It will become increasingly challenging for organizations to juggle the breadth of required data sources, operationalize use cases and analytics, and manage the big data infrastructure of a SIEM on-premises. Cloud services deliver many of these resources on demand and in a fully automated manner — dramatically increasing the consumability and utility of SIEM and security analytics tools within the enterprise.

5. AI Assistants Will Augment Human Analysts

AI assistants will be introduced into the market to help analysts set up, configure and continuously maintain use cases within the SIEM. As organizations and their IT infrastructures evolve, so must their security capabilities. Most companies will still struggle to keep abreast of these changes and close gaps that emerge as a result, but AI assistants will be able to perform assessments and automate much of this workload.

We are already seeing signs of this evolution today with AI-powered security analytics solutions, improved outcomes with the adoption of SIEM-as-a-service and newer analytics, such as user behavior analytics (UBA), domain name system (DNS) and cloud analytics, revolutionizing the way SOCs work. It’s an exciting time to be adopting a security analytics strategy — and both the security and cybercrime landscapes are sure to change drastically in the near future in response to these innovations in SIEM technology.

The post What’s On the Horizon for SIEM Technology? Five Upcoming Innovations in Security Analytics appeared first on Security Intelligence.

86% of enterprises have adopted a multi-cloud strategy

Based on a global survey of 727 cloud technology decision makers at businesses with more than 1,000 employees, Forrester Consulting found how shifting business priorities are driving enterprises to adopt multi-cloud strategies. According to the study, a vast majority (86 percent) of respondents describe their current cloud strategy as multi-cloud, with performance and innovation rising above cost savings as the top measures of success. In addition, 60 percent of enterprises are now moving or have …

The post 86% of enterprises have adopted a multi-cloud strategy appeared first on Help Net Security.