Content, Content, Security Program Controls/Technologies, SOC

Exabeam Report: 45% of IT Pros Believe SOC Is Understaffed


Understaffed security operations centers (SOCs) are problematic for some businesses, which is reflected in a new report from security information and event management (SIEM) solutions provider Exabeam.

Forty-five percent of IT professionals said they believe their SOC is understaffed, according to Exabeam's 2018 State of the SOC Report. Among these professionals, 63 percent said they could use between two and 10 additional SOC employees.

The report also showed the most important skills for SOC professionals were:

  • Data loss prevention (DLP).
  • Ability to work in teams.
  • Malware analysis skills.
  • Network and system administration.

IT professionals cited high wages, a challenging work environment and workplace benefits as the top reasons for retaining SOC employees, the report indicated. Also, IT professionals named heavy competition for SOC workers as the biggest challenge in terms of employee retention.

Is Cyber Insurance a Top Priority for Businesses?

Fifty-one percent of companies with an SOC have a cyber insurance policy in place, the Exabeam report revealed. Furthermore, the top reasons for purchasing cyber insurance included:

  • Protection.
  • Necessity/business requirement.
  • Security hacks/expenses associated with security hacks.
  • Just in case/peace of mind.

Comparatively, the report showed the top reasons why businesses forego cyber insurance were:

  • Not necessary.
  • Too expensive.
  • Does not help.
  • Management.

Cyber insurance policies account for the security needs of businesses of all sizes and across all industries. As such, these policies enable businesses to receive cyber protection to address industry-specific cyber risks.

Disconnect Plagues SOC Leadership, Frontline Workers

There is a disconnect between SOC leadership and frontline workers at companies around the world, Exabeam CEO Nir Polak said. In fact, frontline workers and managers are more concerned with keeping up with security alerts (47 percent) than C-suite executives (35 percent), according to the Exabeam report.

In addition, machine learning technologies are viewed as some of the key technologies that likely will impact the security space in the near future, the Exabeam report indicated. Meanwhile, IT professionals named artificial intelligence (AI) as the technology that will take the longest before it is ready to impact the security industry.

Organizations that leverage advanced technology can use security intelligence to bridge the gap between SOC leadership and frontline workers, Polak stated. These organizations also may be better equipped than others to make faster, more informed decisions than ever before.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.