Security operations centers being limited by skilled staff shortages
- Published: Thursday, 02 August 2018 07:56
According to a new SANS survey, as security operations centers (SOCs) continue to mature, they are facing critical staffing and retention issues. Respondents also indicated that SOCs have no choice but to evolve, as the use of cloud, mobile, personal and Industrial IoT force their evolution.
The reality of security operations is that marginal improvements are hard to win, with the resulting pace of change impeding SOC evolution. Lack of skilled staff was listed as the top barrier to improving SOC performance and effectiveness. Performance shortfalls can also be linked to problems with metrics and automation. Slightly more than half of respondents (54 percent) collected SOC metrics; and most of the metrics were quantity metrics, rather than business-relevant effectiveness metrics.
SOCs are also lagging in automation/orchestration, which in turn limits the ability of staff to adequately identify issues, keep up with vulnerabilities and threats, and prioritize action and response.
Full survey results will be shared during a two-part webcast. Part 1, covering SOC staffing, the value of cloud-based services to augment staff and technology, and respondents' levels of satisfaction with the architectures they've deployed will be held on August 14, 2018 at 1 PM EDT. The Part 2 webcast, airing on August 16, 2018 at 1 PM EDT, will cover the tools and technologies SOCs are deploying to integrate and manage all their security, operational and response data for better protection, detection and response.