ZIUR recommends that companies complement their cybersecurity strategy with the implementation of advanced technologies
ZIUR recommends that companies complement their cybersecurity strategy with the implementation of advanced technologies
In its latest report, it analyzes the benefits of tools such as SIEM, SOAR, and XDR, which facilitate the detection and response to cyberincidents
ZIUR, the Gipuzkoa Industrial Cybersecurity Center, recently published a technical report analyzing the benefits of SIEM, SOAR, and XDR tools, which act as security event managers and facilitate extended incident detection and response, as well as the orchestration and automation of security processes.
Aware that industrial environments are increasingly interconnected and digitalized, and that incidents are becoming more sophisticated thanks to the advancement of technologies such as AI and Quantum Computing, the Foundation is working to educate organizations on the importance of implementing advanced cybersecurity tools to help them orchestrate security and ensure operational continuity.
“Studies such as ESG Research indicate that 70% of companies are already investing or planning to invest in XDR in the next six months, while more than 80% plan to increase their investments in detection and response technologies. Therefore, we want to offer industrial companies a useful guide on these technologies, since resilience against cyberthreats is now a prerequisite for the sustainable and secure growth of the sector,” said María Penilla, director of ZIUR.
The Foundation's report, entitled 'SIEM, SOAR, and XDR in Industrial Environments,' aims to provide the necessary information for companies in the Gipuzkoa industrial sector to effectively evaluate the supplier market, taking into account that by 2024 the security automation industry will exceed $10 billion globally, with annual growth of 7.9% in SOAR, 16.7% in SIEM, and 20.8% in XDR (Grand View Research).
What do these tools contribute?
To understand what these tools provide, ZIUR explains that SIEM (Security Information and Event Management) technology alerts companies if there is unusual behavior on the machine (an incident) or if "someone" is trying to access something they shouldn't (a threat). Its real-time detection of incidents and threats facilitates rapid action by companies.
Once a threat or incident is identified, SOAR (Security Orchestration, Automation, and Response) comes into play, automatically responding to the incident in different ways, for example, isolating a computer, blocking a user, or alerting the security team. This technology saves time and prevents human error in companies. It also contributes to efficient coordination between different tools.
XDR (Extended Detection and Response) technology, on the other hand, integrates data from multiple sources such as servers, mobile devices, networks, or industrial sensors and applies artificial intelligence to anticipate attacks and minimize their impact. In short, it offers advanced protection by detecting threats that other technologies might miss.
Therefore, the report recommends implementing and combining these advanced technologies to automate responses and reduce the operational burden on companies. However, it emphasizes the importance of adopting a comprehensive cybersecurity strategy and establishing clear incident management policies.
ZIUR also recommends training staff in cybersecurity applied to industrial environments and collaborating with specialized centers to strengthen capabilities and increase competitiveness.
See the report at: https://www.ziur.eus/en/-/report-siem-soar-and-xdr-in-industrial-environments