Innovation is challenging for security teams because it encompasses two seemingly contradictory ideas: it’s happening too slowly and too quickly.

Cyber attackers can launch thousands of attacks daily. Many of these same attackers don’t even need serious technical expertise to do so; they can simply purchase (or even rent) DIY hacking toolkits or subcontract the actual attack campaign to a hacker-for-hire. With such low entry barriers and a threat landscape that’s evolving rapidly due to relatively easy access to processing horsepower and automation technologies, cybersecurity must be top of mind at any organization.

Fortunately, many new technologies are new to security operation centers (SOCs) and the teams that run them. The use of automation, machine learning’ and big data has the potential to detect, analyze’ and contain most threats automatically, without the need for human intervention — which leaves SOC teams with more time and resources to dedicate to hunting more sophisticated attacks. But if SOCs want to take advantage of emerging cybersecurity technologies, they’ll need to rethink their playbooks and make significant changes to technology roadmaps. Why? Because innovation in cybersecurity is challenged by two seemingly conflicting ideas: it’s happening too slowly and too quickly. Allow me to explain.

Read more…