Cloud security can help improve threat detection and reduce burnout

July 28, 2022 | 4 minute read
Rachel Nizinski
Product Marketing Manager

Messaging apps like Slack, email, project management tools, texts, and video calls can leave anyone daunted in the age of remote work—and the fatigue that many are feeling from notification overload is spreading to cybersecurity, leading to uninvestigated alerts and employee burnout.  

A global IT survey from Orca Security found that 60% of respondents receive more than 500 alerts per day. An overload of alerts can have serious consequences for businesses, such as missing critical security alerts and burnout amongst cybersecurity employees, which is already on the rise. To help improve detection rates and support cybersecurity staff, organizations are turning to cloud security services that aggregate threat intelligence, improve detection rates, and reduce the impact and time it takes to recover from breaches.

Expanding IT infrastructure can create new vulnerabilities

Digital transformation (implementing technology to improve products, services, and processes) has become a core component of most businesses. As a business's IT infrastructure expands with the adoption of cloud services that support digital transformation, its attack surface also expands.

The US National Institute of Standards and Technology defines an attack surface as “The set of points on the boundary of a system, a system element, or an environment where an attacker can try to enter, cause an effect on, or extract data from, that system, system element, or environment.” [1] When attack surfaces expand, they create more endpoints for security staff to monitor, making cloud security more complicated and creating new opportunities for potential breaches. 

Security staff are struggling to keep up with increasing alerts

According to a report from Oracle and KPMG, 40% of CISOs say that their top cybersecurity challenge is detecting and reacting to security incidents in the cloud. While cloud platforms and applications contain a lot of information that can help prevent fraud and data loss, they can also produce an overload of events. As more devices and applications are added, more alerts are generated, which can result in a higher likelihood of critical alerts being missed because of human error.


Cisco’s “2020 CISO Benchmark Report” found that many organizations are falling behind when investigating alerts: in 2020, the percentage of alerts investigated fell to 48%, compared to 56% in 2017.

The cybersecurity skills gap is creating added risks

A report from the Information Systems Security Association (ISSA) and analyst Enterprise Strategy Group (ESG) found that cloud security, security analysis and investigation, and application security were the three biggest areas for cybersecurity skills shortages. The report also found that skills shortages affect employees’ wellbeing, with 38% of respondents saying that the effects of cybersecurity skills shortages lead to more employee burnout.

Burnout isn’t just a problem for employees—a report from 1Password found that security professionals suffering from burnout are more likely to look past security policies and twice as likely to be “checked out” and “doing the bare minimum at work”. 

Fred Kost, Global Vice President of Security Product Marketing at Oracle, says that hiring won’t solve these issues: “You cannot recruit, train, and retain enough qualified people for SecOps. We...must look to technology and automation to address the cybersecurity challenges organizations face.” 

Cloud security can help create a more efficient response model

Cloud security uses data science and analytical monitoring to create a more efficient security response model. By providing a unified view of threats, the urgency of alerts is reflected more accurately, removing the need to investigate anomalies individually.

Oracle Cloud Infrastructure Security provides you with the ability to aggregate threat intelligence to help prioritize alerts and sort valid signals from noise. Oracle Cloud Guard, for example, continuously monitors configurations and activities to identify threats and automatically acts to remediate them across all Oracle Cloud global regions, providing security administrators with the cloud detect-and-response framework needed to lower the time to respond to security misconfigurations and scale out security operations centers. 

Oracle provides these capabilities through a cloud security posture management dashboard at no additional cost, with numerous pre-built tools that automate response to reduce customer risk quickly and efficiently.

Learn more about Oracle’s threat detection solutions.

Ebook: Cloud security trends

Read the cloud security trends ebook for more on how to safeguard your enterprise with the cloud.

 

_______

[1] attack surface, Computer Security Resource Center, US National Institute of Standards and Technology

[2] The Burnout Breach: How employee burnout is emerging as the next frontier in cybersecurity, 1Password, 2021
