The Future SOC: Harmonizing Detection and Response

) • July 12, 2019     10 Minutes   

The success of security operations centers will depend on how well they blend key technologies, including detection, user behavior analytics and orchestration, says Haiyan Song, senior vice president and general manager of security market at Splunk.

Some 90 percent of the tier 1 work that security teams do should could be automated, Song says in an interview with Information Security Media Group. If so, teams could then spend more than 50 percent of their time on tasks that require human reasoning and intuition. But that requires administrators to bring data together in a way that's clear and actionable.

"If you want to automate, you need one place," she says.

In this interview (see audio link below photo), Song also discusses:

How organizations are automating their security responses; Where organizations need to improve to close the gap between detection of an adversary and taking action; How artificial intelligence applied to security will depend on better feedback loops.

Song is senior vice president and general manager of security market for Splunk. She previously was vice president and general manager of HP ArcSight, where she also served as vice president of engineering.