CIOs and CISOs are increasingly concerned about incident response, automation and threat hunting; conversely, security operations center (SOC) analysts prioritize procedure and policy, monitoring security tools and investigations, according to the Exabeam "2019 State of the SOC Report."
Key takeaways from the report include:
1. SOCs frequently outsource malware analysis and threat intelligence.
The number of SOCs that outsource malware analysis (55 percent) and threat intelligence (45 percent) rose year over year. Meanwhile, the number of SOCs that outsource event and data monitoring (37 percent) fell 10 percentage points year over year.
2. SOC staffing remains a major problem.
SOC staffing issues are more prevalent among less effective SOCs than among more effective SOCs. Furthermore, the factors most strongly correlated with employee retention in SOCs are competitive benefits and the nature of SOC work.
3. SOC soft skills take precedence over hard skills.
SOCs often prioritize soft skills when they evaluate talent. In fact, 65 percent of SOCs said they are placing increased emphasis on soft skills over hard skills.
4. Time spent on reporting and documentation is a top pain point for SOC personnel.
SOCs ranked time spent on reporting and documentation (33 percent) as their top pain point. In addition, alert fatigue (27 percent) and false positives (24 percent) ranked among the top pain points for SOC personnel.
5. Advanced network and cloud monitoring represents a top technology priority.
Advanced network and cloud monitoring, big data security analytics and identity and access management (39 percent) was the top technology priority for SOCs. Also, endpoint detection and response (EDR) technology (38 percent) ranked second among the top technology priorities for SOCs.