San Jose, Calif. - July 19, 2023 - Vectra AI, the pioneer of AI-driven cyber threat detection and response for hybrid and multi-cloud enterprises, today announced the findings of its 2023 State of Threat Detection Research Report, providing insight into the “spiral of more” that is preventing security operations center (SOC) teams from effectively securing their organizations from cyberattacks.
Today’s security operations (SecOps) teams are tasked with protecting against progressively sophisticated, fast-paced cyberattacks. Yet, the complexity of people, processes, and technology at their disposal is making cyber defense increasingly unsustainable. The ever-expanding attack surface combined with evolving attacker methods and increasing SOC analyst workload results in a vicious spiral of more that is preventing security teams from effectively securing their organization. Based on a survey of 2,000 SecOps analysts, the report breaks down why the current approach to security operations is not sustainable.
Manual alert triage costs organizations $3.3 billion annually in the US alone, and security analysts are tasked with the massive undertaking of detecting, investigating and responding to threats as quickly and efficiently as possible while being challenged by an expanding attack surface and thousands of daily security alerts. The study found:
Despite a majority of SOC analysts reporting their tools are effective, the combination of blind spots and a high volume of false positive alerts is preventing enterprises and their SOC teams from successfully containing cyber risk. Without visibility across the entire IT infrastructure, organizations are not able to identify even the most common signs of an attack, including lateral movement, privilege escalation, and cloud attack hijacking. The study also found:
Despite the increasing adoption of AI and automation tools, the security industry still requires a significant number of workers to interpret data, launch investigations, and take remedial action based on the intelligence they are fed. Faced with alert overload and repetitive, mundane tasks, two-thirds of security analysts report they are considering or actively leaving their jobs, a statistic that poses a potentially devastating long-term impact to the industry. The study found:
“As enterprises shift to hybrid and multi-cloud environments, security teams are continually faced with more - more attack surface, more attacker methods that evade defenses, more noise, more complexity, and more hybrid attacks,” said Kevin Kennedy, senior vice president of products at Vectra AI. “The current approach to threat detection is broken, and the findings of this report prove that the surplus of disparate, siloed tools has created too much detection noise for SOC analysts to successfully manage and instead fosters a noisy environment that’s ideal for attackers to invade. As an industry, we cannot continue to feed the spiral, and it’s time to hold security vendors accountable for the efficacy of their signal. The more effective the threat signal, the more cyber resilient and effective the SOC becomes.”
About Vectra AI
Vectra AI is the pioneer in Security AI-driven hybrid cloud threat detection and response. Only Vectra optimizes AI to detect attacker methods—the TTPs at the heart of all attacks—rather than simplistically alerting on "different." The resulting high-fidelity threat signal and clear context enable cybersecurity teams to rapidly respond to threats and stop attacks from becoming breaches. The Vectra platform and services cover public cloud, SaaS applications, identity systems and network infrastructure – both on-premises and cloud-based. Organizations worldwide rely on the Vectra platform and services for resilience to ransomware, supply chain compromise, identity takeovers, and other cyberattacks impacting their organization. For more information, visit vectra.ai.
Offleash PR for Vectra