2019 Black Hat Survey: The Network Is Transforming
We had a great time at Black Hat in Las Vegas this year. With an attendance of over 20,000 of the world’s most security-savvy professionals across the information security spectrum, we were right at home.
For the second year in a row, we conducted the Vectra superhero survey at Black Hat. The survey is a quick six-question poll that helps us understand the current cloud adoption and top-of-mind concerns of attendees.
Just like last year, the people surveyed were a mix of chief information security offices (CISO), security researchers, security architects, security operations center (SOC) personnel, and network operations center staff.
Not surprisingly, the biggest takeaway this year was the ongoing transformation of the network as more and more organizations embrace hybrid-cloud deployments. This is happening in the form of lift-and-place deployments as well as cloud native apps. This in turn bring a new set of challenges for SOC team, as they look at ways of maintaining visibility and control over the network in the cloud.
I can do this all day!
But first things first. This year, Iron Man was dethroned from the title as the most popular Avenger with our attendees. In Tony Stark’s place is now Captain America. Iron Man shared second place with Deadpool. However, supernatural intelligence still remains the number-one superpower that would be most useful to security professionals.
This is echoed in the trend of AI adoption within organizations, and especially so in SOCs. A good AI network detection and response (NDR) tool can automate tedious incident response tasks to augment SOC manpower. Teams that use AI to augment the work of security analysts achieve greater levels of efficiency than those who do not.
Cloud adoption is now mainstream
Of everyone surveyed, 56% now have more than 40% of their workloads in the cloud. Only 5% reported that they currently have no cloud implementation. But when it comes to visibility into cloud deployments, 46% reported lower or no visibility in comparison to their on-premises networks.
Looking at NDR for cloud transformation
With the increased threat surface that a hybrid environment brings, and the new skillset required for developers and it-admins to securely configure cloud solutions, it’s no wonder that SOC and CISOs are wishing for more and better visibility into their cloud networks. In fact, 57% of those surveyed said gaining visibility into their cloud footprint and detecting the early signs of an attack are the most important priorities.
Many organizations now rely on NDR solutions to help them gain this visibility by detecting threats in their networks in the cloud and on the ground – without being overburdened by noisy alerts.
The Cognito network detection and response platform from Vectra excels at collating numerous alerts to create a single incident or campaign that provides a forensic a chain of related events. This lets you to harness the collective power of data, artificial intelligence and automation to eliminate breaches.
Vectra is the world leader in AI-driven threat detection and response. The Cognito platform gives talented cybersecurity professionals the tools they need to automate attacker detections, hunt for threats and launch deep incident investigations retrospectively for covert attackers. And Cognito gives you full visibility into both cloud and hybrid environments.
Be sure to reach out to us for more information.
About the author
Marcus Hartwig is a senior product marketing manager at Vectra. Has been active in the areas of IAM, PKI and enterprise security for more than two decades. His past experience includes product marketing at Okta, co-funding a company in cybersecurity professional services, as well as managing a security product company – a combination that has left him passionate about all parts of product marketing, design and delivery.