IT disaster recovery, cloud computing and information security news

Struggles with legacy technology and false positives are key challenges for security operations centres

A new report from Exabeam highlights key challenges faced by those who manage and work in security operations centres (SOCs). The inaugural ‘State of the SOC’ report sets out the challenges which have the potential to limit the ability of SOCs to tackle ever-increasing volumes of security alerts and potential cyber attacks. The report also identifies a number of key differences between US and UK SOCs.

This study sought the opinion of IT professionals working in a SOC, from the most senior to those managing and working at the coal-face. In some instances there were stark differences of opinion between executives and their teams. This was especially noticeable around technology, where 79 percent of managers and frontline employees expressed frustration with legacy and out-dated equipment, compared to 22 percent of CIOs and CISOs. However, all job functions highlighted false positives and keeping up with security alerts as a top-of-mind concern.

Key findings include:

Hiring and staffing

45 percent of SOC professionals believe their SOC is understaffed, and of those, nearly two-thirds (63 percent) think they could use anywhere from an additional 2-10 employees.

62 percent of managers and frontline employees see inexperienced staff as a key pain point, compared to just one-fifth (21 percent) of CIOs and CISOs.

Skills:

  • The most important skills were identified as data loss prevention, ability to work in teams and malware software.
  • Gaps in current skills include digital forensics, and communication and soft skills.

Technology trends and pain points

Nearly half of all respondents (47 percent) cited keeping up with security alerts as the biggest pain point.

Technology is two times more of a pain point for front-line workers (50 percent) than the C-suite (22 percent).

79 percent of managers and frontline employees are concerned with legacy and out-dated equipment, compared with just 22 percent of CIOs and CISOs.

More than half of SOC professionals (54 percent) believe technology (in the SOC) is underfunded.

Machine learning technologies are perceived as some of the soonest to impact the security space, whereas artificial intelligence will take the longest.

Finance and budget

Over half of respondents (51 percent) expressed satisfaction with funding levels related to the SOC, but unsurprisingly the majority (81 percent) stated they would like more budget.

Half (51 percent) of companies have a cyber insurance policy in place. SOCs in the UK are more likely to have cyber security insurance than their US counterparts. Protection of data is the biggest driver for cybersecurity insurance (47 percent). Those that don’t have it feel that it is unnecessary or too expensive (45 percent).
