Siemplify Survey Shows COVID-19’s Impact on Cybersecurity

A survey of 393 security operations professionals published today by Siemplify, a security orchestration, automation and response (SOAR) platform provider, finds security operations teams have remained remarkably resilient during the COVID-19 pandemic.

At the same time, however, the survey also makes it clear that security operations has been changed utterly by the pandemic.

Nearly half of respondents (47%) say their security posture is mostly the same as it was before the pandemic, while 27% say their security posture has actually improved. Just 26% of respondents say their security posture is worse.

Overall, 42% noted their alert volume is higher now than it was prior to the pandemic. More than half (51%) said investigating suspicious activities is more challenging in a remote environment, while 49% said collaborating with their peers is more difficult. Over a third (39%) said problem solving and alert handling is more challenging from home, while 57% report seeing more phishing threats since the shift to remote work began. Home networks (47%) followed closely by the cloud (46%) were identified as the top two security risks organizations face.

However, only 30% of respondents said their morale had been reduced, while the rest reported their morale has not changed (31%) or has actually improved (39%), the survey finds. Additionally, one-third of respondents are planning to or have already enhanced benefits to help retain security operation staff.

Amos Stern, CEO, Siemplify, said despite these challenges, it is apparent many organizations actually became more vigilant about cybersecurity as they adjusted to the bulk of their workforce working from home. Many organizations are also relying more on automation, as well as external managed security services providers (MSSPs).

More than three-fourths (76%) of respondents say the COVID-19 pandemic has played a role in their decision to rely on increased SecOps automation today or in the near future. More than a third (37%) have created new automation playbooks to respond to emerging, remote-specific threats. More than half (52%) said their reliance on an MSSP increased, even though many of those MSSPs have been the victims of high-profile cyberattacks themselves.

Only 20% of respondents have enacted or are considering security operations-related cost cutting measures, while another 25% are looking at increasing their security operations budgets.

Finally, many respondents to the Siemplify survey said it is unlikely they would return to a security operations center (SOC) on a full-time basis any time soon. More than a quarter (26%) of respondents say it will be 12 months or longer before security operations teams transition back to on-premises work, or that their security operations teams do not intend to return to on-premises.

Of course, no one knows for certain what the future will bring. However, as security operations itself becomes more virtual, the opportunity to hire the best talent, wherever it resides, increases. Naturally, that’s a doubled-edge sword, because it also makes it easier to poach a competing organization’s existing cybersecurity talent and expertise. In fact, retaining cybersecurity talent may be the biggest cybersecurity challenge organizations face in the months ahead.

Avatar photo

Michael Vizard

Mike Vizard is a seasoned IT journalist with over 25 years of experience. He also contributed to IT Business Edge, Channel Insider, Baseline and a variety of other IT titles. Previously, Vizard was the editorial director for Ziff-Davis Enterprise as well as Editor-in-Chief for CRN and InfoWorld.

mike-vizard has 747 posts and counting.See all posts by mike-vizard