
Trusted Information Security Insights

Common and Best Practices for SOCs: Results of the 2019 SANS SOC Survey

SANS conducts a global Security Operations Center (SOC) survey yearly to identify current trends and to provide best practices that enable organizations to build, manage, maintain and develop their SOCs effectively and efficiently. The results are in!

This year's approach was adapted and structured around the five major functions of the NIST Cyber Security Framework (CSF): Identify, Protect, Detect, Respond, and Recover. The approach may not have been perfect in its execution, but it did highlight the fact that many security tools operate cross-functionally, serving multiple purposes. The decision to map the survey to the NIST CSF is an indicator of the increasing importance of third-party control frameworks.

Key Highlights:

- Lack of skilled staff is still a major concern, with a large percentage of respondents (58%) citing this as one of the key areas preventing success
- Lack of tool integration, with 43% of the respondents citing that their tools don't work together to give them comprehensive coverage and visibility across their enterprise
- Lack of automation and orchestration, which would allow analysts to do their job more effectively and focus on higher-importance alerts and incidents

Get the results

For more insights on SOC trends and to read the full report, click the link below. Here's another BTB Security "No BS" move: it's not behind a gate... seriously. Read it, enjoy it, learn from it. …

Written by BTB

The True Cost of a Security Operations Center (SOC)

Knowing the true cost of your SOC—including capital, payroll, recurring expenses, and care—prevents wasteful spending and keeps your operation lean. Our dedicated information security experts can show you how careful planning and wise use of resources can keep your data secure and your bottom line healthy—two things previously thought to…

Written by Matthew Wilson
