Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

As offensive security specialists for over 10 years, we have tested countless organisations who believe their SIEM, EDR or MDR provider offers them comprehensive defense, only to find them lacking in fundamental areas. From our experience, some “traditional” in-house, yet adequately resourced, Security Operations Centres (SOCs) can still provide a robust defense, while others struggle to stay on top of emerging threats.

The 2024 Global Digital Trust Insights survey from PwC reports that 36% of businesses have experienced a data breach that cost more than $1 million to remediate. Cyber threats are clearly on the rise and in today’s volatile threat environment, it is a matter of when - not if - a cybersecurity incident will occur. Digital adversaries are becoming more sophisticated and relying on weak links to exploit company applications and infrastructure.

Extended detection and response, better known as XDR, is a security technology that combines multiple point solutions, including but not limited to endpoint protection and endpoint security tools, into a unified incident detection and response platform. First described in 2018 by Palo Alto Networks' CTO Nir Zuk, XDR collects, correlates, and contextualises alerts from different solutions across endpoints, servers, networks, applications, and cloud workloads.

How many times can we say, “It’s been a busy week for the security industry,” before it becomes cliche? We recently discussed changes in the SIEM market, with mergers and acquisitions disrupting the traditional SIEM vendor landscape and XDR vendors introducing new SIEM solutions. This week, we continue to see a range of mixed messages from the market around the future of XDR and SIEM.

In this week’s episode of The Future of Security Operations podcast, I'm joined by Adam Khan. Adam is a cybersecurity and technology leader with over 25 years of experience working at Fortune 500 companies. He has a proven track record of building and managing global security teams, leading engineering, infrastructure, application, and product, and is currently VP of Global Security Operations at Barracuda.

Managed service providers (MSPs) are an attractive target for cybercriminals because of the large amount of sensitive data they handle and their access to their customers' critical infrastructure. A recent survey revealed that 78% of MSPs consider cybersecurity to be their biggest challenge, which has risen considerably from 67% last year. This trend highlights how important it is for MSPs to invest in innovative cybersecurity solutions and train skilled personnel to protect against new threats.