When ChatGPT debuted in November 2022, it ushered in new points of view and sentiments around AI adoption. Workers from nearly every industry started to reimagine how they could accomplish daily tasks and execute their work — and the cybersecurity industry was no exception. Like shadow IT, new rogue AI tools — meaning AI tools that employees are adopting unbeknownst to the organization they work for — can pose security risks to your organization.

Due to economic pressures, staffing reductions, and lack of available talent, CISOs today are facing extreme pressure to do more with less. And retaining your best employees during tough times is becoming a major challenge across industries. Research at Devo shows SOC analysts are feeling stressed over too much work and not enough resources. In fact, more than 71% of SOC professionals we surveyed said they’re likely to quit their job because of information overload and lack of tools.

It’s hard to go a day without some headline touting how generative AI is transforming the future of work. And this sentiment certainly rings true in the security industry as security operations centers (SOCs) continue to mature their security posture with automation so that they can protect their enterprise and customer data. But how are leaders and teams feeling about the progress of AI adoption and how the tools are being used?

Mass layoffs. Budget cuts. Funding shortages. Fears of recession. Headlines paint a bleak picture for organizations in 2023. To prepare for the turbulent year ahead, companies are scaling back their spending in droves. Yet, amid ruthless cost-cutting, many organizations are still prioritizing their investments in bulking up cybersecurity defenses. The question is, what are they spending these budgets on?

On March 1, 2023, the US White House released the long-awaited National Cybersecurity Strategy. As a product manager, I am often the voice of the customer, and our customer’s should be excited about this strategy. Throughout the strategy it is clear that the needs of the end users have been prioritized compared to other stakeholders. After reading this cover to cover, here are some nuggets of insight that our customers should be aware of.

With the rapid expansion in both scale and variety of technologies in modern business systems, there comes a need to further secure those technologies to prevent nefarious actors from causing havoc. The expanding data landscape creates a much larger attack surface for bad actors to exploit, and as a result leaves many organizations at risk from theft, fraud or other undesirable behavior.

Authentication, at its core, is the act of verifying credentials. In the case of human beings, it’s as simple as answering the question, “Who are you, and how do I know for sure it’s you?” Authentication is something we’re constantly engaging with in everyday life.

Last Summer, President Biden issued Executive Order 14028 to help boost and improve government cybersecurity operations in response to increased threats worldwide. Memorandum OMB-21-31 from the Office of Management and Budget soon followed, which explained the critical role data log collection and analysis play across all branches of the Federal Government.

Our SOC Performance Report found that it takes an average of seven months to fill open SOC positions, and 55% of those doing the hiring are struggling to find qualified staff. As a result, SOC resources are strained, putting the team at risk for fatigue and burnout, which can cause them to miss critical alerts. Research has shown this is a widespread issue, too, as most SOCs waste an average of 10,000 hours annually validating unreliable and incorrect alerts.

How to Create an IP Search Activeboard How to Add More Data How to Create a User Search Activeboard Having the ability to easily visualize and analyze security data is key to being able to quickly spot and thwart bad actors. Devo provides an easy way to do this with Devo Activeboards, an intuitive, interactive way to visualize data being ingested into the Devo Platform. Activeboards can be used to assist analysts in incident response (IR) or threat hunting activities. How?