Due to the COVID-19 pandemic, IT security teams are now supporting a vast new remote workforce, and with it a wider attack surface, which increases sophisticated cyberattack attempts by adversaries. Security teams are managing dozens of security solutions, if not far more, to thwart them, and security operations teams find themselves manually sorting through hundreds of thousands of security alerts to close the gap between detection and response, fueling the growing epidemic of analyst burnout and putting enterprises at risk. Traditional security information and event management (SIEM) solutions, which many organizations and security teams use, are inadequate and are failing to meet the growing needs of security analysts and the SOC, especially now.
Recently, Devo sponsored an annual Security Operations Center (SOC) Performance Report, conducted by the Ponemon Institute between March 11 and April 5, 2020. It found that 78% of the respondents said working in a SOC is very painful. Additionally, 60% say the stress of working in the SOC has caused them to consider changing careers or leaving their jobs. Even worse, 69% said it is very likely or likely that experienced security analysts would quit the SOC. The burden of work on SOC analysts needs to be addressed, and it needs to be addressed now, and that responsibility falls on leadership.