Business
Published by Gbaf News
Posted on June 8, 2018
Editorial & Advertiser disclosure
Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website.
Struggles with legacy technology, keeping up with security alerts and lack of alignment with C-Suite identified as key challenges
Infosecurity Europe, London, UK – A new report from next-gen SIEM vendor, Exabeam highlights key challenges faced by those who manage and work in Security Operations Centres (SOCs).
The inaugural ‘State of the SOC’ report highlights technology challenges; hiring and staffing issues; processes and pain points; as well as finance and funding difficulties, all of which have the potential to limit the ability of SOCs to tackle ever increasing volumes of security alerts and potential cyber attacks. The report also identifies a number of key differences between US and UK SOCs.
This study sought the opinion of IT professionals working in a SOC from the most senior to those managing and working at the coal-face. In some instances there were stark differences of opinion between executives and their teams. This was especially noticeable around technology, where 79 percent of managers and frontline employees expressed frustration with out-dated equipment, compared to 22 percent of CIO and CISOs. However, all job functions highlighted false positives and keeping up with security alerts as a top of mind concern.
Key findings:
Hiring and staffing:
- 45 percent of SOC professionals believe their SOC is understaffed, and of those, nearly two thirds (63 percent) think they could use anywhere from an additional 2-10 employees
- 62 percent of managers and frontline employees see inexperienced staff as a key pain point, compared to just one fifth (21 percent) of CIO & CISOs
- The most important skills were identified as:
o Data loss prevention, ability to work in teams and malware software
o Gaps in current skills include digital forensics, and communication and soft skills
Technology trends and pain points:
- Nearly half of all respondents (47 percent) cited keeping up with security alerts as the biggest pain point
- Technology is two times more of a pain point for front-line workers (50 percent) than the c-suite (22 percent)
- 79 percent of managers and frontline employees are concerned with out-dated equipment, compared with just 22 percent of CIO & CISOs
- More than half of SOC professionals (54 percent) believe technology (in the SOC) is underfunded
- Machine learning technologies are perceived as some of the soonest to impact the security space, whereas artificial intelligence will take the longest
Finance and budget:
- Over half of respondents (51 percent) expressed satisfaction with funding levels related to the SOC, but unsurprising the majority (81 percent) stated they would like more budget
- Half (51 percent) of companies have a cyber insurance policy in place. SOCs in the UK are more likely to have cybersecurity insurance than their US counterparts. Protection of data is the biggest driver for cybersecurity insurance (47 percent). Those that don’t have it feel that it is unnecessary or too expensive (45 percent)
Nir Polak, CEO at Exabeam, commented: “Enterprises today face an ever-increasing number and variety of threats – and any disconnect between SOC leadership, and those on the ground managing day-to-day operations – no matter how small – should signal an alarm bell. The perceived lack of investment in technology was particularly worrying. Organisations need the advanced security intelligence that technology delivers – without it they leave themselves open to the worst that cybercriminals have in their war chests.”
Struggles with legacy technology, keeping up with security alerts and lack of alignment with C-Suite identified as key challenges
Infosecurity Europe, London, UK – A new report from next-gen SIEM vendor, Exabeam highlights key challenges faced by those who manage and work in Security Operations Centres (SOCs).
The inaugural ‘State of the SOC’ report highlights technology challenges; hiring and staffing issues; processes and pain points; as well as finance and funding difficulties, all of which have the potential to limit the ability of SOCs to tackle ever increasing volumes of security alerts and potential cyber attacks. The report also identifies a number of key differences between US and UK SOCs.
This study sought the opinion of IT professionals working in a SOC from the most senior to those managing and working at the coal-face. In some instances there were stark differences of opinion between executives and their teams. This was especially noticeable around technology, where 79 percent of managers and frontline employees expressed frustration with out-dated equipment, compared to 22 percent of CIO and CISOs. However, all job functions highlighted false positives and keeping up with security alerts as a top of mind concern.
Key findings:
Hiring and staffing:
- 45 percent of SOC professionals believe their SOC is understaffed, and of those, nearly two thirds (63 percent) think they could use anywhere from an additional 2-10 employees
- 62 percent of managers and frontline employees see inexperienced staff as a key pain point, compared to just one fifth (21 percent) of CIO & CISOs
- The most important skills were identified as:
o Data loss prevention, ability to work in teams and malware software
o Gaps in current skills include digital forensics, and communication and soft skills
Technology trends and pain points:
- Nearly half of all respondents (47 percent) cited keeping up with security alerts as the biggest pain point
- Technology is two times more of a pain point for front-line workers (50 percent) than the c-suite (22 percent)
- 79 percent of managers and frontline employees are concerned with out-dated equipment, compared with just 22 percent of CIO & CISOs
- More than half of SOC professionals (54 percent) believe technology (in the SOC) is underfunded
- Machine learning technologies are perceived as some of the soonest to impact the security space, whereas artificial intelligence will take the longest
Finance and budget:
- Over half of respondents (51 percent) expressed satisfaction with funding levels related to the SOC, but unsurprising the majority (81 percent) stated they would like more budget
- Half (51 percent) of companies have a cyber insurance policy in place. SOCs in the UK are more likely to have cybersecurity insurance than their US counterparts. Protection of data is the biggest driver for cybersecurity insurance (47 percent). Those that don’t have it feel that it is unnecessary or too expensive (45 percent)
Nir Polak, CEO at Exabeam, commented: “Enterprises today face an ever-increasing number and variety of threats – and any disconnect between SOC leadership, and those on the ground managing day-to-day operations – no matter how small – should signal an alarm bell. The perceived lack of investment in technology was particularly worrying. Organisations need the advanced security intelligence that technology delivers – without it they leave themselves open to the worst that cybercriminals have in their war chests.”