FEATURE : SOC
Sheldon Hand , Data and AI , Automation and Security Business Unit Leader , IBM Southern Africa , said security is top of mind for all organisations across the MEA region . Hand said the COVID-19 pandemic has had widespread impact and the MEA region is also faced with a growing remote workforce which results in sensitive data moving across less controlled environments with limited network visibility , making it more vulnerable to data breaches . “ These are shifts affecting the market and facing many organisations no matter where they are located in MEA ,” he said . “ In 2021 we also saw cyberattacks evolve as threat actors sought to profit from the unprecedented socioeconomic , business and political challenges brought on by the COVID-19 pandemic .”
Ian Jansen van Rensburg , Director Solutions Engineering and Lead Technologist , VMware
Mike Walters , President , Action1 Corporation , said infosec professionals should pay considerable attention to the development of an efficient patch management policy . “ It is essential that the SOC team gets information about the latest software updates in real-time and is able to install them immediately after they are released by a vendor . Ideally , this procedure should be automated . A delay in patching critical vulnerabilities can cost too much for SOC ’ s customers ,” he said .
State of SOC adoption
Like the overall cybersecurity maturity , the state of the SOC market varies from region to region across MEA . For example , in many countries of sub-Saharan Africa , SOCs are still a privilege of government agencies and large corporations . And even these organisations sometimes report the lack of a mature cybersecurity strategy that covers all aspects of advanced threat defence .
IBM ’ s Hand added : “ We ’ re seeing organisations across all major industries adopting SOCs . The energy , manufacturing and healthcare industries – highly regulated industries which experienced the highest number of cyberattacks as well as increases in the average total cost of a data breach are driving adoption across the continent . Not far behind in adoption are the financial , retail , industrial , services and transportation industries which continue to face high attack volumes .”
rules to manage . In turn , each of these must be set up to enforce access control and information protection policies at enterprise scale for all users and systems across the business . In some cases , this could literally mean millions of rules . Simply put , this makes for a configuration nightmare ,” he said .
As CIOs and CISOs across MEA are increasingly adopting SOCs , industry experts warn that they need to be extra careful when developing their own SOC or when outsourcing services from a SOC .
According to Hand , CIOs and CISOs must first understand that there is a high cost to a security failure . According to our 2021 Cost of Data Breach study , there was an increase in companies that experienced breaches of more than 1 million records , which is considered a mega breach . “ Globally , breaches of one million to 10 million records cost an average of US $ 50 million , more than 25 times the average cost of US $ 3.86 million for breaches of less than 100,000 records ,” he said .
Ian Jansen van Rensburg , Lead Technologist , VMware , said current approaches to cybersecurity make it impossibly complex to implement comprehensive best practices across an enterprise IT environment .
Van Rensburg said there is a huge assortment of security tools to manage : firewalls , anti-virus , intrusion prevention systems and threat detection systems , to name a few . “ Each tool has an enormous number of
WE ’ RE SEEING ORGANISATIONS ACROSS
ALL MAJOR INDUSTRIES ADOPTING SOCS .
www . intelligentcio . com INTELLIGENTCIO AFRICA 47