- SOAR 101
The shift toward broader acceptance of remote work is undeniable, and no longer tied to the acute dangers of the coronavirus pandemic. It is unclear where the level of remote work will stabilize in the coming years, but it seems very likely to stay much higher than the pre-2020 level. Many major companies have embraced the change, with Facebook, Spotify, Shopify, Twitter, Microsoft, Adobe, Amazon, Capital One, and Coinbase among the many organizations that have announced plans to support long-term remote work or hybrid work.
Debates rage on about the long-term implications of an increasingly dispersed workforce, but we now have a good sample size to draw from to point to trends in what has happened so far, how people feel about it, and what it means for security operations.
In our new whitepaper, we expand on this topic and explore the solutions that D3 XGEN SOAR provides. You can download that whitepaper, SOAR Playbooks for the Remote Work Era, here.
The 2021 Gartner CIO Survey found that 64% of employees in surveyed organizations are allowed to work from home and 40% actually do. 26% of respondents to a different survey on the state of remote security operations said it would be a year or longer before their security team returned to the office (if they ever did).
Remote work affects morale very differently from person to person, but it is viewed positively in general. The same remote security operations survey found that 70% of employees reported either no change or a positive change to their morale due to remote work. Two studies by PwC found that the perception of remote work is improving over time, with 73% rating remote work as an overall positive in a 2020 study and 83% rating it as an overall positive in a study one year later.
The effects of remote work on productivity are harder to measure, but the PwC studies also found an 8% increase in respondents who said they were more productive during remote work from 2020 to 2021, up from 44% to 52%.
The impacts of the changing work environment have widespread implications for security operations. As is the case for most teams, a remote workforce makes hiring security professionals easier (because you can theoretically draw from a global talent pool) but training and communication more difficult.
One effect has been that more security teams have moved tools to the cloud or outsourced functions to managed service providers. According to CyberRes’ 2021 State of Security Operations report, 95% of SOCs now deploy their tools in a hybrid-cloud environment. SANS surveys found a 16% increase in organizations leveraging an MSSP from 2020 to 2021. Cloud tools and managed services both enable agility and cost-effectiveness that mesh well with a remote workforce, instead of investing in on-premise infrastructure. Cloud-native security tools also help security teams enforce the zero-trust security model that is all-important for secure remote work.
The concerns of security teams have also changed significantly. The CyberRes report also found that 40% of respondents said the primary challenge facing their current security operations teams is addressing an increasingly complex attack surface. And 85% of respondents increased monitoring controls as a response to COVID-related workforce transformation, as well as complex remote and secure access service edge requirements.
With these major changes to security operations, organizations need new tools, processes, and procedures to keep their systems and data secure in the remote work era. Many companies have turned to D3 XGEN SOAR to codify their security workflows into automation-powered playbooks.
In our new whitepaper, we break down four SOAR playbooks that our clients are using to mitigate the risks of remote work. You can download your free copy of SOAR Playbooks for the Remote Work Era here.
Do you want to see D3 in action? Join us for a 25-minute deep-dive demo and see how our award-winning Security Orchestration, Automation, and Response (SOAR) platform helps security teams accelerate incident response, scale processes, and learn from every incident.REGISTER NOW