2018 State of the SOC Report - Exabeam

2018 State of the SOC Report

June 06, 2018


Reading time
3 mins

The results are in — on Exabeam’s comprehensive survey of U.S. and U.K. cybersecurity professionals involved in the management of a Security Operations Center (SOC).

In May 2018 Exabeam surveyed SOC professionals across CISO, CIO, analyst, and management roles to gain key information on the hiring and staffing, retention, processes, technologies, training and funding of the SOC.

The results paint a compelling picture of the factors that contribute to a well-run, efficient and effective SOC.

SOC Tenure, Staffing, and Outsourcing

Most SOCs are well established, with 91 percent operating for three years or more. Typically, SOC professionals have a longer tenure in IT than in a SOC.

Figure 1 – Twenty-seven percent of companies have had a SOC 10 plus years

While the majority of SOC professionals think their SOC is correctly staffed (55%), forty-five percent believe that the SOC is understaffed. Of those 45 percent, 63 percent think they could use anywhere from two and 10 additional employees.

While 40 percent of SOCs are outsourced, 95 percent only outsource parts of their SOC, and 5 percent outsource the whole operation. SOCs mostly outsource detection (47%) and monitoring (45%) and have response and expertise (68%) in-house.

What Should Change with the SOC?

While some wouldn’t change anything about their SOC (38%), the majority of survey participants would like to see changes, mainly around technology (17%), staffing (14%) and improving processes (12%).

Figure 2 – Fifty-six percent specified changes they’d like to see in their SOC

Here are what some of the respondents had to say about what should change in their SOC:

“I would centralize the SOC budget around more, very sophisticated anti-hacking technologies rather than the current traditional method.”

“I would centralize the SOC budget around more, very sophisticated anti-hacking technologies rather than the current traditional method.”

“Trash it all and start over instead of milking ancient legacy systems and hardware.”
– CIO, U.S., 9-10 YRS, $10-49 MILLION, RETAIL

The Varying Top Pain Points in the SOC by Role

The top pain points for CIOs and CISOs are false positives and white noise. For managers, it is the high percentage of out-of-date systems and applications. Frontline workers experience the greatest pain points with documentation and reporting and out-of-date systems.

Figure 3 – The top SOC pain points by role: CIO/CISO, SOC managers, frontline employees

Figure 4 – A disconnect: SOC roles and their different pain points

SOC Technology Adoption and Views on Machine Learning and Artificial Intelligence

The SOCs that rates themselves as highly effective have adopted technology at a higher rate than those that rate themselves as less effective. According to the respondents, machine learning is one of the soonest technologies to impact cybersecurity, while artificial intelligence will take the longest before it is ready to impact the security industry.

Figure 5 – Current technologies adopted by the SOC

To get your own copy of the complete fifty-page report, click here.


Similar Posts

Helping Interact Software Simplify Case Management While Increasing Visibility and Efficiency

Deloitte Implements Exabeam for Advanced Analytics on Insider Threats

Exabeam’s Cloud-based Security Operations Platform Improves Insights and Efficiency for BBS

Recent Posts

Exabeam News Wrap-up – Week of September 19, 2022

Exabeam News Wrap-up – Week of September 12, 2022

The 4 Steps to a Phishing Investigation

See a world-class SIEM solution in action

Most reported breaches involved lost or stolen credentials. How can you keep pace?

Exabeam delivers SOC teams industry-leading analytics, patented anomaly detection, and Smart Timelines to help teams pinpoint the actions that lead to exploits.

Whether you need a SIEM replacement, a legacy SIEM modernization with XDR, Exabeam offers advanced, modular, and cloud-delivered TDIR.

Get a demo today!