
Cyber Security Market

Cyber Security Technologies & Markets


The State of the SOC Report Finds Excessive Alerts, Outdated Metrics, and Limited Integration Lead to Over-taxed Security Operations Centers

March 22, 2018 By CybersecurityMarket.com

Fidelis Cybersecurity, a leading automation detection and response provider, today released the results of a study examining current trends and practices of threat detection and response in enterprise companies. The study found that excessive alerts, outdated metrics, and limited integration lead to over-taxed security operations centers (SOCs).

The study was conducted over the span of three months, interviewing security practitioners from enterprise companies in a cross-section of industries: Software-as-a-Service (SaaS), retail, financial services, healthcare, consumer services, and high tech. The results reveal how different organizations manage SOCs, incident response and threat hunting tasks.

Security Operations Center (SOC) Market

As the threat landscape changes and enterprises move to adopt additional layers of defensive technologies, SOCs are being overwhelmed by the sheer volume of alerts and the number of investigations that require their attention. Furthermore, the study found that, in addition to a capacity issue, SOCs are facing a skills gap/training issue, as many organizations struggled to recruit, train, and retain qualified SOC analysts. Other key findings include:

SOC analysts are being overwhelmed by alerts: Alerts and incidents are skyrocketing, but most SOC analysts (60 percent) can only handle between 7-8 investigations in a day. Only 10 percent of organizations said they can realistically handle 8-10 investigations in a day.

Integration is key for SOC automation, efficiency, and effectiveness: Seventy percent of survey respondents said that at least half of their security controls were NOT integrated. Lack of integration impedes not only the speed of investigation, but also the speed of remediation and control. The survey results showed a correlation between the companies that achieved a high alert triaging rate and those that have more integrated security controls.

Automation is not only becoming increasingly important for SOCs, but mandatory: A big theme in security operations today is automation. Increasing automation can lead to improved efficiency, reduced dwell time, and ultimately, better performance for security operations. Unfortunately, without automation, alert triaging can be a tedious process, which is why 83 percent of the companies had less than 50 percent of the alerts triaged daily.

SOC and Incident Response metrics are outdated and ineffective: Every organization interviewed uses metrics to measure SOC and Incident Response (IR) effectiveness. However, 80 percent feel that the metrics they are using today are ‘not effective’ or ‘had room for improvement.’

Threat hunting is an elite operation that exists only in the largest and most sophisticated organizations: Only 17 percent of organizations have a dedicated threat hunting team.

“Our study uncovered a number of notable findings,” said Wang. “For organizations that want to operate efficient, highly effective security operations, we recommend following best practices such as automating tier 1 and tier 2 analyst tasks, identifying further opportunities to eliminate manual tasks, and standardizing processes and procedures for threat detection and response.”

To view the full report, visit: https://www.fidelissecurity.com/resources/state-soc.

Filed Under: Cybersecurity Market Tagged With: Security Operations Center, SOC
