US enterprises hit hard by short-staffed security operations centers

Image via Unsplash

Enterprises have a limited number of analysts running their security operations centers (SOCs) and are deploying multiple tools in an attempt to address their cloud security challenges, according to the Cloud Security Outlook 2023 report from ManageEngine.

A surge in cloud adoption was reported, with 72% of respondents saying they are using multi-cloud applications and another 5% using hybrid cloud systems. The adoption rate is expected to increase further in 2023 and 2024, with 23% of respondents planning to move to the cloud in the next 24 months.

Amid this situation, enterprises are forced to tackle numerous cloud security threats, including compromised accounts. Enterprises are hampered by short-staffed SOCs, which has led to concerns about their cloud security resiliency. As many as 77% of respondents stated that they only have three to five security analysts running their SOCs.

The study further revealed that enterprises are finding it increasingly difficult to gain visibility into cloud activities and comply with various stringent regulations. Nearly half (48%) of respondents find compliance with cybersecurity laws, especially those related to the cloud, to be highly challenging.

These factors are driving enterprises to adopt a consolidated security architecture that facilitates streamlined, efficient security operations. An overwhelming 97% of respondents will be evaluating a solution that provides all security functions in a single console in 2023.

Survey findings indicate that:

A lack of staffing and orchestration makes the security process complicated.
Most respondents (84%) stated they either have fewer than five security analysts or don't have dedicated analysts at all to run their SOCs.
94% of respondents use different security tools to protect data, monitor user access, adhere to compliance mandates and gain visibility into cloud platforms.
The three most common and impactful cloud security threats are identity-based.
The IT professionals surveyed stated that cloud account compromise is the most common and impactful cloud security threat (35%), followed by external cloud account exploits (23%) and unauthorized access and account compromise by insiders (14%).
Compliance proves to be challenging for enterprises.
About half (48%) of those who monitor their cloud access or have hybrid cloud systems deployed said that the process of ensuring compliance is highly challenging. Another 37% acknowledged that it is tough, but manageable.
Only 16% of respondents said that they are all sorted when it comes to compliance with cybersecurity laws, especially those related to the cloud.

Nearly 500 U.S. IT professionals in various industries, including healthcare, financial services, manufacturing and government, were surveyed for this report, which can be found here.

ON DEMAND: In this webinar, Regina Lester, Vice President of Security & Safety Operations at Toledo Zoo, will share her insights on implementing security technologies in the entertainment sector and the challenges all organizations face — large and small — when it comes to balancing budget and security.