The tightening of regulatory compliance in the financial sector is underscored by the Securities and Exchange Commission's (SEC) recent adoption of enhanced guidelines on risk management, strategy, governance, and incident disclosure, which were announced on July 26, 2023. These new mandates apply to all publicly traded companies under SEC jurisdiction. While IT and cybersecurity leaders should familiarize themselves with the new rules, the most pertinent update is the requirement that cybersecurity incidents be disclosed within four business days after an incident is deemed material. In addition, the SEC states that a materiality determination should be made without unreasonable delay.
The rationale behind this stringent timeline is founded on the potential impact that cybersecurity incidents have on shareholder value and the broader market. Timely disclosure ensures that investors are adequately apprised of risks to their investments and can make informed decisions regarding any financial exposure stemming from such incidents.
Unfortunately, the approach of placing humans on the incident response frontlines is growing more antiquated as the years tick by. That is why modern next-gen security operations centers (SOCs) integrate automation into time-saving workflows to maximize operational efficiencies and better satisfy today’s shrinking disclosure windows.
Incorporating automation into your SOC can yield significant advantages including:
One way to automate your SOC is to implement a Security Orchestration, Automation, and Response (SOAR) solution such as Cortex XSOAR from Palo Alto Networks. Consider the experience of Sitecore, a top-tier digital experience firm recognized in Gartner’s 2022 Magic Quadrant. After implementing Cortex XSOAR, the company achieved 90% automation of security events in their SOC with an average time to fix of only nine minutes. And here's the clincher: With upwards of 45,000 events recorded each week, it only takes two analysts to manage all of Sitecore’s cyber incidents. Clearly, less is more when it comes to SOAR.
This level of automation not only showcases the power of SOAR solutions in optimizing security operations, but also underscores the potential for significant resource allocation and efficiency gains within any SOC. It isn’t just about stats, however. Sitecore also witnessed an improved investigation quality as their security analysts collaborated more closely, leading to quicker action and deeper learnings.
Cortex XSOAR propels SOC environments into a new era of efficiency with features like automated phishing playbooks, vulnerability management orchestration, and cloud threat detection. For now, let’s focus on threat intelligence management (TIM). SOAR TIM uses threat feeds to provide context for alerts as they arrive. As alerts are ingested, you can automatically enrich them with the latest threat intel from your feeds, giving you insightful context for how external and emerging threats impact your environment.
The TIM module in Cortex XSOAR goes a step further by automating indicator enrichment. This provides SOC analysts with advanced notice and a nuanced understanding of emergent threats, thereby empowering them to preemptively thwart potential attacks.
Threat intelligence is but one facet of SOAR, however. Palo Alto’s Cortex XSOAR helps transform security operations by combining TIM with case management and real-time collaboration. This cohesive approach enables SOC teams to consolidate alerts from disparate sources, normalize operations through playbook application, leverage threat intelligence decisively, and orchestrate a comprehensive automated response for a wide array of security scenarios.
Cortex XSOAR emerges as a pivotal tool in helping enterprises meet stringent disclosure timelines set by these new SEC regulations. It streamlines the entire lifecycle of incident response from detection to remediation and reporting. Here's how XSOAR transforms the SOC’s capabilities, making the 96-hour reporting requirement more achievable:
As the SEC reshapes what is expected from cybersecurity disclosures, SOCs must adapt by integrating solutions like Cortex XSOAR, not only to comply with regulations but also to enhance their overall security posture. To learn more about the transformative power of Cortex XSOAR as well as other solutions and strategies to help adapt to these new regulations, speak with a WEI cybersecurity specialist today.