This website requires certain cookies to work and uses other cookies to help you have the best experience. By visiting this website, certain cookies have already been set, which you may delete and block. By closing this message or continuing to use our site, you agree to the use of cookies. Visit our updated privacy and cookie policy to learn more.
This Website Uses Cookies
By closing this message or continuing to use our site, you agree to our cookie policy. Learn More
This website requires certain cookies to work and uses other cookies to help you have the best experience. By visiting this website, certain cookies have already been set, which you may delete and block. By closing this message or continuing to use our site, you agree to the use of cookies. Visit our updated privacy and cookie policy to learn more.
Security Magazine logo
search
cart
facebook twitter linkedin youtube
Security Magazine logo
  • MAGAZINE
    • Digital Edition
    • This Month's Issue
    • Archives
  • NEWS
    • Security Newswire
    • COVID-19
    • Technologies
    • Security Blog
    • Newsletter
    • Web Exclusives
  • COLUMNS
    • Career Intelligence
    • Security Talk
    • The Corner Office
    • Leadership & Management
    • Cyber Tactics
    • Overseas and Secure
    • The Risk Matrix
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • More
  • PHYSICAL
    • Access Management
    • Video Surveillance
    • Identity Management
    • More
  • CYBER
  • SECTORS
    • Education: University
    • Hospitals & Medical Centers
    • Critical Infrastructure
    • More
  • EXCLUSIVES
    • Security 500 Report
    • Most Influential People in Security
    • Top Guard and Security Officer Companies
    • The Security Leadership Issue
    • Annual Innovations, Technology, & Services Report
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MORE
    • Videos
      • ISC West 2019
    • Photo Galleries
    • Polls
    • Classifieds & Job Listings
    • White Papers
    • Mobile App
    • Store
    • Sponsor Insights
    • Continuing Education
    • Call for Entries
  • CONTACT
    • Advertise
    • Editorial Guidelines
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Home » Turf battles and silo issues damage SOC ROI
TechnologiesManagementPhysicalCyberSecurity NewswireCyber Security News

Turf battles and silo issues damage SOC ROI

The Johnson Controls GSOC
June 23, 2020
KEYWORDS cyber security / emergency management / IT infrastructure / Security Operations Center (SOC)
Order Reprints
No Comments

A new survey on the current state of security operations center (SOC) performance has found that while some organizations have increased funding, the overall gains have been meager, and the most significant issues have not only persisted, but worsened.

The second annual Devo SOC Performance ReportTM, based on a survey conducted by Ponemon Institute also found that 60 percent of SOC team members are still considering changing careers or leaving their jobs due to stress.

On the positive side, the importance of investing in a SOC remains high, with 72 percent of respondents categorizing the SOC as “essential” or “very important” to their organization’s overall cybersecurity strategy, up 5 percent year-over-year, says the report. Additionally, the average annual cybersecurity budget for organizations rose $6 million to $31 million, with the SOC representing more than one-third of that total. For respondents whose organizations have invested in people, process, and technology, the performance differences are stark. Strong business alignment (73 percent) and extensive training (67percent) help high-performing SOCs more than double the effectiveness of their lower-performing brethren. However, the pain and barriers facing SOC teams are universal and worsening, with higher performers citing 10% more pain at an extreme level (9-10 on a 10-point scale), and virtually no difference in the level below that (7-8).

The major areas of pain and resistance include:

  • 70 percent suffer a lack of visibility into the IT infrastructure (up from 65 percent)
  • 64 percent combat turf or silo issues between IT and the SOC (up from 57percent)
  • 71 percent need greater automation (up from 67 percent), especially as they continue to spend substantial manual cycles on tasks such as alert management (47 percent), evidence gathering (50 percent), and malware protection and defense (50 percent)
  • Environmental factors are driving substantially higher pain, including information overload

The survey also found that people, process and technology are misaligned and inefficient:

  • Organizations have too many tools and more than half don’t have all the data necessary, nor the ability to capture actionable intelligence
  • While 76 percent say training/retention is highly important, more than 50 percent have no formal programs in place, and more than 50% cite the lack of skilled personnel as a major factor in SOC inefficiency
  • Mean time to response (MTTR) remains unacceptably high, with 39 percent saying their average time to resolve an incident is “months or even years”

Among the lessons that can be learned from the findings, the top three actions cited to demonstrably alleviate SOC analyst pain are greater workflow automation (71 percent), implementing advanced analytics/machine learning (63 percent) and access to more out-of-the-box content (55 percent).

 

Subscribe to Security Magazine

 

Email-icon-100

I want to hear from you. Tell me how we can improve.

BNP Media Owner & Co-CEO, Tagg Henderson

Related Articles

Most Organizations Frustrated with SOC's Cybersecurity Effectiveness

Curiosity, creativity, collaboration: The human elements of the SOC

Threat Hunters Infiltrate and Automate the Evolving SOC

Have You Chosen the Right Person to Lead Your SOC?

You must login or register in order to post a comment.

Report Abusive Comment

Subscribe For Free!
  • Digital Edition Subscriptions
  • Security eNewsletter & Other eNews Alerts
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company. Interested in participating in our Sponsored Content section? Contact your local rep.

Close
Sponsored content bnp covid  3j9fmqpy3i  1
Sponsored By
SureView Operations

How command centers are responding to COVID-19

In recent months, I’ve had many different conversations with our customers about how the COVID pandemic has impacted their security operations—from global companies with hundreds of thousands of employees to much smaller organizations with control rooms responsible for local operations and campuses. The overwhelming feedback is that everyone has needed, in one way or another, to change their processes, and expect to continue having to do so for the foreseeable future.

Popular Stories

SEC1120-Protests-Feat-slide1_900px

Terrorism and security threat trends in 2021

SEC0719-Privacy-Feat-slide1_900px

5 cybersecurity predictions for 2021

Suburbs of Chicago install gunshot detection solution

Kankakee and North Chicago in Illinois deploy gunshot detection solution for patrol

anne neuberger

Anne Neuberger, NSA's director of cybersecurity, to join Joe Biden's National Security Council

Dispelling the Dangerous Myth of Data Breach Fatigue; cyber security news

CISA updates emergency directive for SolarWinds Orion compromise

2.16_SEC_SBS_360X180_customcontent.png

Events

September 24, 2020

Pandemics, Recessions and Disasters: Insider Threats During Troubling Times

ON DEMAND: The insider threat—consisting of scores of different types of crimes and incidents—is a scourge even during the best of times. But the chaos, instability and desperation that characterize crises also catalyze both intentional and unwitting insider attacks. Learn how your workers, contractors, volunteers and partners are exploiting the dislocation caused by today's climate of Coronavirus, unemployment, disinformation and social unrest.

October 28, 2020

Industrial Cybersecurity: What Every Food & Bev Executive Needs to Know

ON DEMAND: There's a lot at stake when it comes to cybersecurity. Reputation, productivity, quality. Join us to discuss the future of your global security strategy and a path forward with trusted partners Cisco and Rockwell Automation, and turn your Food & Bev security challenges into strategic advantages that drive business value.

View All Submit An Event

Poll

Who has ownership or primary responsibility of video surveillance at your enterprise?

Who has ownership or primary responsibility of video surveillance at your enterprise?
View Results Poll Archive

Products

Effective Security Management, 7th Edition

Effective Security Management, 7th Edition

 Effective Security Management, 5e, teaches practicing security professionals how to build their careers by mastering the fundamentals of good management. Charles Sennewald brings a time-tested blend of common sense, wisdom, and humor to this bestselling introduction to workplace dynamics. 

See More Products
Security 500 360

The latest news and information

Content written for business-minded executives who manage enterprise risk and security

REGISTER TODAY
  • More
    • Market Research
    • Custom Content & Marketing Services
    • Security Group
    • Editorial Guidelines
    • Privacy Policy
    • Survey And Sample
  • Want More
    • Subscribe
    • Connect
    • Partners
  • Privacy
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2021. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing