Cybersecurity daily news

MSSP Market News: Survey Shows 62% of SOC Alerts are Ignored


A new survey shows that 62% of the alerts received by the SOC team are ignored. We keep hearing about the problem of alert fatigue here at MSSP Alert, and automation and AI are components of the potential solution. (If you missed our coverage of the SOC of the Future and the technologies being deployed to solve some of today’s issues, be sure to check out our recent coverage.)

AI and automation are also among the topics at MSSP Alert Live in Austin, Oct 14-16, our annual in-person event where our expert speakers and panelists will be talking about all things cybersecurity for service providers. We’ve got an amazing lineup of technology and business sessions planned for you.

And guess what? We’re also unveiling the MSSP 250 2024 list at MSSP Alert Live. There will be a poolside party to celebrate this elite group of the best MSSPs in the world, too. Whether you are on the list or aspire to be, you should come.  

As always, please send your news, tips and insights to me at [email protected]. (You can also send me questions about MSSP Alert Live.) I’m also interested in the type of news you’d like to see us cover here. Please let me know.

Today’s MSSP Market Update

1. Election security assessment - Jen Easterly, director of the U.S. Cybersecurity and Infrastructure Security Agency, told The Associated Press on Wednesday that “ballot-counting and other election infrastructure is more secure today than it’s ever been” and that no foreign entity will be able to change the U.S. election results.

2. Challenges in the SOC - The news out of security operations centers today isn’t great, according to a survey by Vectra AI, an AI-driven XDR provider. Here’s a look at what SOC technicians say about their security tools: 54% say the tools they work with increase the SOC workload instead of reducing it; 50% of SOC practitioners say their security tools are more of a hindrance than help when it comes to spotting real attacks; and 60% of SOC practitioners say a lot of their security tools are bought as a “box ticking” exercise for compliance. SOC teams receive an average of 3,832 alerts per day, and 62% of them are ignored.

3. Ivanti flaw actively exploited - A remote code execution flaw in Ivanti Endpoint Manager is being actively exploited by hackers to gain access to unpatched systems, according to CISA. The flaw is tracked as CVE-2024-29824, and a new CISA advisory requires that all federal civilian agencies update vulnerable systems by October 23.

4. Darktrace supports Azure - Darktrace has expanded Darktrace/CLOUD to support Microsoft Azure environments. The AI-driven cloud detection and response (CDR) system leverages Microsoft’s virtual network flow logs for agentless deployment, slashing deployment times by 95%, the company said. 

5. New boss at cybersecurity services company - Stratascale, a cybersecurity services company owned by SHI International Corp., named Jordan Mauriello Chief Strategy Officer and Head of Stratascale. 

6. Spreading the brain trust - Mandiant founder Kevin Mandia has joined MDR provider Expel’s board of directors. Expel founder and CEO Dave Merkel was an early employee at Mandiant where the two pioneered Mandiant’s “managed defense” offering. Mandia has also become chair of the board of directors of cybersecurity solutions and services provider SpecterOps where he will help guide the company as they grow and as they scale up their Attack Path Management solution BloodHound Enterprise.

7. CISO jobs and salaries - As companies exercised caution in hiring recently, many CISOs have stayed in their current positions, but 75% are considering or are open to new opportunities. Meanwhile, among the benefits on the rise is coverage in their companies’ Directors and Officers insurance, which safeguards them against personal liability for claims made in their official capacity, covering legal fees, settlements and judgements. More on this survey by IAN Research and Artico Search here.

Looking for more news and a list of industry events? Check out the daily news column on our affiliate site ChannelE2E here.

Jessica C. Davis

Jessica C. Davis is editorial director of CyberRisk Alliance’s channel brands, MSSP Alert, MSSP Alert Live, and ChannelE2E. She has spent a career as a journalist and editor covering the intersection of business and technology including chips, software, the cloud, AI, and cybersecurity. She previously served as editor in chief of Channel Insider and later of MSP Mentor where she was one of the original editors running the MSP 501.