The results are in from Exabeam’s comprehensive survey of U.S. and U.K. cybersecurity professionals involved in the management of a Security Operations Center (SOC).
In May 2018 Exabeam surveyed SOC professionals across CISO, CIO, analyst, and management roles to gain key information on the hiring and staffing, retention, processes, technologies, training and funding of the SOC.
The results paint a compelling picture of the factors that contribute to a well-run, efficient and effective SOC.
SOC Tenure, Staffing, and Outsourcing
Most SOCs are well established, with 91 percent operating for three years or more. Typically, SOC professionals have a longer tenure in IT than in a SOC.
Figure 1 – Twenty-seven percent of companies have had a SOC 10 plus years
While the majority of SOC professionals think their SOC is correctly staffed (55%), 45 percent believe that the SOC is understaffed. Of those 45 percent, 63 percent think they could use anywhere from two to 10 additional employees.
While 40 percent of SOCs are outsourced, 95 percent only outsource parts of their SOC, and 5 percent outsource the whole operation. SOCs mostly outsource detection (47%) and monitoring (45%) and have response and expertise (68%) in-house.
What Should Change with the SOC?
While some wouldn’t change anything about their SOC (38%), the majority of survey participants would like to see changes, mainly around technology (17%), staffing (14%) and improving processes (12%).
Figure 2 – Fifty-six percent specified changes they’d like to see in their SOC
Here is what some of the respondents had to say about what should change in their SOC:
“I would centralize the SOC budget around more, very sophisticated anti-hacking technologies rather than the current traditional method.”
– CIO, U.K., 6-8 YRS, $5-9.99 BILLION, FINANCE AND INSURANCE
“I would centralize the SOC budget around more, very sophisticated anti-hacking technologies rather than the current traditional method.”
– CIO, U.K., 3-5 YRS, $5-9.99 BILLION, FINANCE AND INSURANCE
“Trash it all and start over instead of milking ancient legacy systems and hardware.”
– CIO, U.S., 9-10 YRS, $10-49 MILLION, RETAIL
The Varying Top Pain Points in the SOC by Role
The top pain points for CIOs and CISOs are false positives and white noise. For managers, it is the high percentage of out-of-date systems and applications. Frontline workers experience the greatest pain points with documentation and reporting and out-of-date systems.
Figure 3 – The top SOC pain points by role: CIO/CISO, SOC managers, frontline employees
Figure 4 – A disconnect: SOC roles and their different pain points
SOC Technology Adoption and Views on Machine Learning and Artificial Intelligence
SOCs that rate themselves as highly effective have adopted technology at a higher rate than those that rate themselves as less effective. According to the respondents, machine learning is one of the technologies that will impact cybersecurity soonest, while artificial intelligence will take the longest before it is ready to impact the security industry.
Figure 5 – Current technologies adopted by the SOC
To get your own copy of the complete fifty-page report, click here.