This is a guest post by Randy Conner, VP of IT Security, Large Hospitality Company
There have been over 3,600 data compromise breaches through Q3 2018. With the recent flood of additional cyber breaches affecting millions, everyone is looking for answers to stop this seemingly unending cycle of hacks and the bottom-line risk that comes with them.
While the recent breaches occurred for various technical reasons, the common factor is the volume and lack of visibility of alerts for threats, patches, and the like. In many of the 2018 breaches, the breach was detected by someone other than the victim organization’s own staff! Such a result is not surprising given the limited resources, prioritization, and execution available to the typical cybersecurity staff.
The State of the Art (?!)
The default for many organizations is to leverage MSSPs and SIEM tools. Clearly, that alone is not working. Some MSSPs run proprietary software that hasn’t been independently vetted. MSSPs also fight the same labor battle as every other company, and you have to wonder how they are able to deliver true security at lower cost when they are up against the same constraints as everyone else. The answer is not economies of scale - the more customers an MSSP adds, the more diluted every other company’s oversight of alerts gets. The answer is automation.