How does your company stack up against the state of the security operations center (SOC)? In its inaugural report on the topic, next-generation SIEM provider Exabeam surveyed a range of IT professionals working in the SOC – from the most senior personnel to those on the frontlines – to help you find out.
Covering technology challenges, hiring and staffing issues, processes and pain points, and finance and funding difficulties, the report found stark differences of opinion between executives and their teams, all of which can lead to security alert fatigue and potentially devastating cyberattacks.
This was especially noticeable around technology, where 79 percent of managers and frontline employees expressed frustration with outdated equipment, compared to 22 percent of CIOs and CISOs. However, all job functions highlighted false positives and keeping up with security alerts as a top concern.
With regard to hiring and staffing, 45 percent of SOC professionals believe their SOC is understaffed, and of those, 2/3 (63 percent) think they could use 2-10 more employees. Those involved in the day-to-day, such as managers and frontline employees, saw inexperienced staff as a key pain point (62 percent), compared to just 1/5 of CIOs and CISOs (21 percent). Data loss prevention, ability to work in teams and malware software were identified as the top skills, while digital forensics, communication and soft skills present the widest gaps.
Nearly half (47 percent) cited keeping up with security alerts as their biggest pain point, but technology is two times more of a pain point for frontline workers (50 percent) than the C-suite (22 percent). Machine learning technologies are seen as the soonest to impact the security space, while AI feels far off.
Plus, more than half of SOC professionals (54 percent) believe technology in the SOC is underfunded. Fifty-one percent expressed satisfaction with funding levels related to the SOC but, unsurprisingly, the majority (81 percent) stated they’d like more budget.
And interestingly, just half (51 percent) of companies have a cyber insurance policy in place. SOCs in the UK are more likely to have this than their U.S. counterparts. Protection of data is the biggest driver for cyber insurance (47 percent). Those who don’t have it feel that it is unnecessary or too expensive (45 percent).
Enterprises today face an ever-increasing number and variety of threats, and any disconnect between SOC leadership and those on the ground managing day-to-day operations, no matter how small, should sound an alarm bell. Organizations need the advanced security intelligence that technology delivers; without it, they leave themselves open to the worst that cybercriminals have in their war chests.
Read the full report to find out where your SOC falls: https://www.exabeam.com/library/2018-exabeam-state-of-the-soc-report/.