Common and Best Practices for SOCs: Results of the 2019 SANS SOC Survey

SANS conducts a global Security Operations Center (SOC) survey yearly to identify current trends, while providing best practices to enable organizations to build, manage, maintain and develop their SOCs effectively and efficiently.

The results are in! This year's approach was adapted and structured around the five major functions of the NIST Cyber Security Framework (CSF): Identify, Protect, Detect, Respond, and Recover. The approach may not have been perfect in its execution, but it did highlight the fact that many security tools operate cross-functionally, serving multiple purposes. The decision to map the survey to the NIST CSF is an indicator of the increasing importance of third-party control frameworks.

Key Highlights:

  • Lack of skilled staff is still a major concern, with a large percentage of respondents (58%) citing this as one of the key areas preventing success
  • Lack of tool integration, with 43% of the respondents citing that their tools don't work together to give them comprehensive coverage and visibility across their enterprise
  • Lack of automation and orchestration, which would allow analysts to do their jobs more effectively and focus on higher-importance alerts and incidents

Get the results

For more insights on SOC trends and to read the full report, click the link below. Here's another BTB Security "No BS" move: it's not behind a gate... seriously. Read it, enjoy it, learn from it.
