Exabeam Survey Highlights Negative Impact of the COVID-19 Pandemic

With 71% of cyber professionals reporting increased threats since the COVID-19 pandemic started, are SOCs prepared to mitigate these threats? The Exabeam 2020 State of the SOC report revealed 40% of companies reported being understaffed, which puts additional strain on security teams and makes their jobs much more challenging.

In this post, we’ll share insights from Exabeam’s latest survey of 1,005 U.S. and U.K. cybersecurity professionals who manage and operate SOCs. Our study included CIOs (50%) and security analysts and practitioners from companies across 12 different industries. Employee size ran the gamut, although the majority (53%) had between 100-249 security professionals.

Topics Covered

In our survey, we asked respondents about:

• Furloughs
• Staff redundancies
• Hiring
• Finance and budget
• Cyberattacks and implications
• Challenges working remotely

Key Takeaway: The results of our survey paint a striking picture of SOC organizations trying to manage more significant security threats with fewer resources.

Key Findings

Despite increasing cyber threats, furloughs are common

Unfortunately, despite the increase in cyber threats, our survey found three-quarters of organizations had to furlough members from the SOC team. About 50% had to furlough between 1-2 employees. The U.S. furloughed fewer SOC employees compared to their U.K. counterparts.

Figure 1: Seventy-five percent of organizations had to furlough SOC staff.

SOC teams are negatively impacted by redundancies

Overall, 68% of companies report having laid off staff members. The majority had between 1-3 employees laid off. U.S. SOCs had fewer layoffs  compared to the U.K. SOCs. 

Figure 2: Almost 30% of companies laid off two staff members from their security teams.

Hiring is deferred for many companies

Given the furlough and redundant findings, it’s no surprise that 57% of the companies had to defer hiring since the start of the COVID-19 pandemic. A higher percentage of U.S. companies (71%) delayed hiring compared to the U.K. with 42% deferring. 

Figure 3: Fifty-seven percent of organizations had to defer hiring.

Security technology investments are also deferred

The COVID-19 pandemic has not only harmed people, but it also forced 60% of companies to defer investments in security technology, which were previously planned. The U.S. had a higher deferment rate of 68% compared to the U.K. rate of 51%.

Figure 4: Nearly sixty percent of organizations had to defer investments in security technology previously planned.

More companies report seeing an increase in cyberattacks

Unfortunately, only 18% of companies overall had not seen an increase in the number of cyberattacks since the beginning of the COVID-19 pandemic. Eighty-eight percent of U.S. companies reported seeing slightly more and considerably more attacks compared to 74% of U.K. organizations.

Figure 5: Eighteen percent of organizations reported not having an increase in the number of cyberattacks since the beginning of COVID-19.

Working remotely introduces new challenges

Remote work has presented challenges for many SOC staff members. No doubt reduced staff numbers made their jobs even more difficult. Respondents cited communications within their security team as the most significant challenge mitigating threats while working remotely, followed by communications with other IT departments. Twenty-nine percent reported difficulty investigating attacks. There was little significant variance in problems between U.S. and U.K. companies, although a higher percentage of U.S. companies 40% had more difficulty communicating with other IT teams compared to 22% in the U.K.

Figure 6: Twenty-nine percent of organizations reported difficulty investigating attacks.

Distractions at home lead to mistakes

The shift to WFH has harmed many employees’ mental states and their ability to do their jobs. Some of the biggest challenges working remotely included being more prone to making mistakes due to distractions in the house — 49%, increased blurring of the line between personal and operated computers and data — 42% and learning new tools — 39%.

Figure 7: Forty-nine percent of security professionals were prone to making mistakes due to distractions in the home.

Most companies continue to use/invest in automation tools

With fewer SOC staff, automation tools are essential in mitigating security threats. Only 17% of companies decreased their use/investment in automation tools. Fifty-two percent reported neither increased/decreased use or investment. Only 8% of the U.S. reduced their use/investment in comparison to 26% of U.K. organizations.

Figure 8: Seventeen percent of companies decreased their use/investment in automation tools.

Most organizations have experienced a successful cyberattack since the pandemic started

Thirty-three percent of overall companies reported encountering a successful cyberattack since the beginning of the pandemic. There were no significant variances between U.S. and U.K. companies

Figure 9: Thirty-three percent of companies reported experiencing a successful cyberattack since the beginning of the COVID-19 pandemic.

Mitigation and legal costs are the top consequence of cyberattacks

Companies reported several consequences of successful cyberattacks. The most common effect was mitigation and legal costs — 44%, followed by loss of business revenue — 41% and a negative impact on brand reputation — 41%.

Figure 10: Forty-four percent of companies reported mitigation and legal costs were a consequence of successful cyberattacks.

Cyberattacks have broad-reaching financial implications

Considering many organizations are seeing a financial impact due to the pandemic, the additional cost of a cyberattack could not come at a worse time. Regarding lost business revenue, our survey found in the U.S., 35% lost between $38K-63K, and 14% reached losses of $63K-95K; in the U.K., 40% lost between £30K-50K.  In terms of the financial impact on a brand, in the U.K., 43% saw between £30K-50K in losses; in the U.S., 38% reported between $38K-63K in losses. Also, 7.5% in each region lost between £50K-75K or $63K-95K.

Concerning the financial impact of legal and mitigation costs, in the U.K., 33% spent between £20K-40K; in the U.S., approximately 30% spent between $38K-63K, and for 11 % the costs hit the $63K-95K range.

Most companies experienced downtime since the beginning of COVID-19

Since the beginning of the COVID-19 pandemic, 97% of companies experienced downtime between 1-4 hours. Fortunately, only 3% reported downtime higher than four hours.

Figure 11: Only 3% percent of companies experienced downtime greater than four hours.

Actionable insights for SOCs

The findings from our survey clearly show many SOCs have to manage a much more significant number of cyber threats with a leaner staff. Exabeam is committed to helping you and your SOC get through the COVID pandemic. Here are a few resources to help:

• Blog Series: Securing Your Remote Workforce 
• The State of the SOC report