Enterprises Hit with Limited Number of Analysts to Run SOCs

By Greg Tavarez, TMCnet Editor  |  February 07, 2023

More organizations continue to embrace a cloud-first approach to their business strategy to fully execute their digital strategies. In fact, more than 85% of organizations plan to embrace cloud-first strategies by 2025, according to Gartner.

A study by ManageEngine provides an update to Gartner’s (News - Alert) prediction and says it is more of a reality as almost three-fourths of respondents use multi-cloud applications, and around a fourth of respondents plan to move to the cloud in the next two years.

Cloud enabling new digital experiences is a no-brainer for enterprises. It makes sense.

However, with the cloud-first approach, enterprises must tackle cloud security threats, and they are doing it with a limited number of analysts running their security operations centers, or SOCs. To be more specific, the study reveals that 77% of respondents state they have three to five security analysts running their SOCs. This has led to concerns about cloud security resiliency.

Manikandan Thangaraj, vice president of ManageEngine (News - Alert), gives a good explanation for those not familiar with the term “cloud security resiliency.”

“Cyber resilience refers to the ability of an organization to ensure business continuity in the event of a cyberattack with the help of business processes and tools,” said Thangaraj. “Cloud security resilience, therefore, requires enterprises to have visibility, enhanced policy enforcement, infection isolation and impact neutralization from a unified security architecture.”

To address cloud security challenges, security analysts are deploying multiple tools. These tools are used to protect data, monitor user access, adhere to compliance mandates and gain visibility into cloud platforms.

The thing is, using multiple tools is not always a good thing. Thangaraj says that having multiple tool sets “leads to a visibility gap and complicates cloud security management amid unpredictable threats."

With these factors in mind, enterprises need to take a different approach in 2023. And they are looking at other strategies.

Almost all of the respondents in the survey say factors such as the lack of staffing, multiple tools and compliance challenges are moving them to a consolidated security architecture that facilitates streamlined, efficient security operations.

Edited by Greg Tavarez
Get stories like this delivered straight to your inbox. [Free eNews Subscription]