Years of previous research indicate that, for most organizations, security operations are in a period of both disarray and transition. While organizations expand digital transformation initiatives, cloud-native application development, and remote worker support, SOC teams continue to conduct day-to-day operations with assorted point tools, manual processes, and a shortage of staff and skills. CISOs realize this mismatch leads to an unacceptable reality of ever-increasing cyber-risk.
To address this growing security operations gap, organizations are taking numerous actions to modernize security operations, including automating processes, utilizing advanced analytics, integrating security technologies, and embracing the MITRE ATT&CK framework. To gain insight into these trends, ESG surveyed 376 IT and cybersecurity professionals who are personally responsible for evaluating, purchasing, and utilizing threat detection and response security products and services at organizations in North America (US and Canada).