Security Roundup: Exabeam, WatchGuard, eSentire, WhiteHat
Issues facing SOC professionals include too many alerts, a shortage of talent and a lack of technology.
![Cybersecurity Cybersecurity](https://eu-images.contentstack.com/v3/assets/blt10e444bce2d36aa8/bltc0e0999912410c8d/652507a76399931d37942f32/shutterstock_669797740.jpg?width=1280&auto=webp&quality=95&format=jpg&disable=upscale)
With the cyber threat landscape changing so rapidly, it’s tough to stay ahead of the bad guys, and it’s even tougher if you don’t have enough firepower in your arsenal.
At this week’s Exabeam Spotlight 2018 conference, its inaugural user conference, Steve Moore, chief security strategist, spoke with us about the latest issues facing security operations centers (SOCs), the changing definition of insider threat, and if there’s any light at the end of the tunnel in terms of winning the cybersecurity war.
Moore spent the last two-and-a-half years building health care provider Anthem’s cybersecurity program post-breach. He also wrote Exabeam’s recent State of the SOC report.
In terms of insider threats, the definition has expanded beyond someone who works for you and means you harm, Moore said.
“The insider threat is, to me, somebody who means you harm or someone who is also compromised and is ignorant to that fact,” he said. “So Steve Moore means you no harm, but my credentials are stolen or I have malware on my machine, and now my electronic self is zipping about and being party to a potential breach. So the issue is that most organizations don’t understand internal attribution, so most are ignorant to the fact that if they have a compromised person who as a human soul means them no harm, but as an electronic entity that’s been compromised, that is a issue. You’re almost having to reteach … if there [are] innocent people involved.”
Exabeam’s Steve Moore
For his report, Moore spoke with SOC professionals across CISO, CIO, analyst and management roles, and found three key issues: too many alerts, a shortage of talent and a lack of technology.
“They have alert fatigue, which is not only overwhelming them, but causing them to miss what is important,” he said. “Fatigue leads to lack of prioritization, which is just sort of this muddled mess, which then leads to never really running down one thing completely. You’re just sort of halfway done with lots of things.”
And beyond the talent shortage, many respondents said the people they work with aren’t qualified enough, “so it’s not the fact that there’s an empty seat, but I’m in that seat and I’m not good enough to do the job,” Moore said.