Survey Finds Insider Threats are Most Difficult Attack to Detect and Behavioral Analytics Technology is a Top Priority in the SOC

Survey of Black Hat USA attendees focuses on what security professionals working in the Security Operations Center (SOC) need to be successful, and their plans for the coming year

LOS ANGELES – (BUSINESS WIRE) – Sept 14, 2022 – Gurucul, the leader in Next-Gen SIEM, XDR, UEBA and Identity Access Analytics, today announced the results of a Black Hat USA 2022 security professionals survey. Respondents indicated that Insider Threats were the most difficult type of attack for SOC analysts to detect, and that Behavioral Analytics was the most common piece of technology they felt was missing and that they planned to add to the SOC in the near future. The survey also found that a strong majority of respondents feel their SOC programs are improving, but that they needed more training, high-level talent in the SOC, better compensation, and more time off.

“But they’re not there yet. Gurucul’s approach to these issues, which we think will help many of these organizations improve their defenses against Insider Threats, pairs machine learning behavior profiling with predictive risk-scoring algorithms to predict, prevent and detect breaches.”

Tweet this

Taken as a whole, these survey results suggest that organizations and security professionals understand that Insider Threats are a serious security risk and are working to improve their defenses by adding technologies like Behavioral Analytics and Network Traffic Analysis,” said Saryu Nayyar, Gurucul’s CEO. “But they’re not there yet. Gurucul’s approach to these issues, which we think will help many of these organizations improve their defenses against Insider Threats, pairs machine learning behavior profiling with predictive risk-scoring algorithms to predict, prevent and detect breaches.

Other key findings from the survey include:

  • 27% of respondents identified Insider Threats as the most difficult attack to detect – the highest percentage across types.
  • More than 36% of respondents chose Behavioral Analytics as the technology they are currently missing that would most improve their SOC and more than 24% plan to invest budget into Behavioral Analytics solutions in the next year.
  • More than 17% of respondents plan to invest in Network Traffic Analysis technology in the next year.
  • 82% of security professionals feel their SOC program is improving. Less than 5% said it was actively getting worse.
  • Tier 3 SOC Analysts / Threat Hunters are the most in-demand role in the SOC (chosen by 31% of respondents), followed by Tier 2 Analysts (20%) and Threat Content Creators (16%).
  • 39% of respondents feel that their organization is investing in enough training for the SOC, but 31% said they are not and 30% were undecided.
  • 35% of analysts need more than two weeks of time off to feel rejuvenated and 28% feel like they deserved a 20% raise.

Survey responses were collected at Black Hat 2022 and via email in the two weeks after the show, from security professionals from a wide range of organizations, sizes and verticals. You may download the survey report here: https://gurucul.com/resources/whitepapers/2022-black-hat-usa-survey

As organizations are transforming their SOC in the ways revealed by this survey (as well as to support multi-cloud deployments and zero trust programs), they are also looking for end-to-end solutions to help them improve security analyst effectiveness for rapidly identifying and confirming, not just threats and alerts, but entire attack campaigns. Gurucul’s Security Analytics and Operations Platform is purpose-built to automate and accelerate data collection, event and alert correlation, detection triage, investigation, and response to targeted attacks. It combines threat intelligence with an enterprise-class risk engine, delivering precise contextual detections, prioritized investigation, and risk-driven response actions that drastically reduce mean-time-to-detection (MTTD) and mean-time-to-response (MTTR). Gurucul’s platform can also support the most complex deployments including on-premises, hybrid, and cloud (SaaS, private, GovCloud, and multi-cloud including multi-tenancy), addressing the needs of today’s modern enterprise and managed detection and response (MDR) providers.

About Gurucul

Gurucul is a global cyber security and fraud analytics company that is changing the way organizations protect their most valuable assets, data and information from insider and external threats both on-premises and in the cloud. Gurucul’s real-time security analytics and fraud analytics technology combines machine learning behavior profiling with predictive risk-scoring algorithms to predict, prevent and detect breaches and fraud. Gurucul technology is used by Global Fortune 1000 companies and government agencies to fight cyber fraud, IP theft, insider threats and account compromise. The company is based in Los Angeles. To learn more, visit Gurucul and follow us on LinkedIn and Twitter.

Contacts

Austin Williams
Voxus PR for Gurucul
253-444-6267
awilliams@voxuspr.com

External Link: https://www.businesswire.com/news/home/20220914005218/en/Survey-Finds-Insider-Threats-are-Most-Difficult-Attack-to-Detect-and-Behavioral-Analytics-Technology-is-a-Top-Priority-in-the-SOC

 

Thwarting Insider Threats

Share this page:

Related Posts