Organizations reported an average 32% reduction in threat responder workload when they deployed a managed SIEM solution, according to CenturyLink and IDG.
Improve incident response
The research shows security leaders are turning to managed security services to help augment limited internal resources and bridge the security technology gap.
“Security is an inherent ingredient in networking today; however, limited resources and budget constraints make it difficult for companies to develop with their own staff,” says Chris Betz, CSO at CenturyLink.
“To better understand insights and to prioritize incident response, you need to consider third-party solutions and leverage an integrated security strategy from the start.”
On average, the most significant improvements from third-party managed network security technologies included:
- A reduction in false positives – up to 50%
- Faster response times – up to 49%
- A reduction in dwell time – up to 39%
- An increase in system availability – up to 46%
Enterprises that deploy integrated, third-party managed threat intelligence, SIEM, cloud-based DDoS mitigation and firewall platforms have recorded notable security improvements:
- Threat intelligence: 45% to 49% faster response time to remediate threats
- SIEM: 35% to 40% faster time to uncover active threats and potential Indicators of Compromise (IoCs)
- Cloud-based DDoS: 50% to 53% faster time to understand and investigate disruption
- Firewalls: 50% to 53% faster notification for high-priority firewall events
Over the next three years, respondents expect that automated threat detection and remediation will improve their organizations’ security posture. Specifically, they anticipate reducing the burden on IT, better meeting security outcomes, and gaining business efficiencies.
One respondent noted that security control automation “will help significantly reduce the time and manpower needed to improve our risk management”.
According to the survey, 97% of respondents realized improvements with third-party managed firewalls, most notably in terms of the ability to free up resources to focus expertise elsewhere (54%) and a better security posture (42%).
After implementing third-party cloud-based DDoS mitigation, 97% of IT security leaders reported improvements in areas such as system availability, incident response time, and reduced downtime.
The explosion of data at the network edge combined with growing bandwidth requirements places tremendous pressure on networks. To help overcome data overload, manually intensive processes, and limited expertise, companies are shifting their SIEM management to third parties.
Among those using such services, 96% report across-the-board business outcome improvements, including a 39% reduction in dwell time, 38% improved efficiency for incident response, and a 34% reduction in average time to detect.