SANS conducts a global Security Operations Center (SOC) survey yearly to identify current trends, while providing best practices to enable organizations to build, manage, maintain and develop their SOCs effectively and efficiently.
The results are in! This year's approach was adapted and structured around the five major functions of the NIST Cyber Security Framework (CSF): Identify, Protect, Detect, Respond, and Recover. The approach may not have been perfect in its execution, but it did highlight the fact that many security tools operate cross-functionally, serving multiple purposes. The decision to map the survey to the NIST CSF is an indicator of the increasing importance of third-party control frameworks.
- Lack of skilled staff is still a major concern, with a large percentage of respondents (58%) citing this as one of the key areas preventing success
- Lack of tool integration, with 43% of the respondents citing that their tools don't work together to give them comprehensive coverage and visibility across their enterprise
- Lack of automation and orchestration, which would allow analysts to do their jobs more effectively and focus on higher-importance alerts and incidents
Get the results
For more insights on SOC trends and to read the full report, click the link below. Here's another BTB Security "No BS" move: it's not behind a gate. Seriously. Read it, enjoy it, learn from it.