
Security Operations Center (SOC) Performance Falling Short

by ITECHNEWS
December 23, 2021
in Leading Stories, Opinion

Disconnects in perception between security operations center (SOC) leadership and staff in terms of organizational effectiveness and capability are hampering organizational efforts to combat cybercrime and other issues, according to a report.

The global survey of more than 1,000 cybersecurity professionals, conducted by the Ponemon Institute in September 2021, found that more than 70% of SOC staff rate their “pain” level between seven and 10 on a scale of 10.

The study also revealed “turf and silo” issues are still plaguing a majority of organizations, with more than 60% citing them as a primary barrier to success.

‘Turf and Silo’ Issues Plague SOCs

Rick Holland, CISO and vice president of strategy at Digital Shadows, a provider of digital risk protection solutions, said “turf and silo” issues can plague all departments across a company and are not unique to the SOC.

“These types of problems are primarily a failure of leadership,” he said. “Executive sponsorship and support are critical to breaking down silos, eliminating kingdom building and minimizing turf wars.”

He explained that, if the SOC’s mission isn’t understood and prioritized at the highest level of the company, then the turf and silo drama will only continue, adding that the disconnect between SOC leadership and SOC staff is also a failure of leadership.

“Security leaders must come down from the ivory tower and understand the ground truth,” Holland said. “One way to get ground truth is to conduct skip-level meetings with the frontline SOC staff. Weak, inappropriate or misaligned metrics and reporting could also contribute to the disconnect.”

In addition, big data is only getting bigger, so effective SOCs must leverage data science and automation to make alerts actionable and improve efficiency.

From Holland’s perspective, one key to effective SOC work is to have a clear understanding of mission-critical assets and prioritize alerting and playbooks based on this.

“Not all SOC alerts are created equal, so automated triaging and prioritization are must-have SOC capabilities to be effective,” he said.

Focus on the Human Elements of the SOC

He said the focus is so often on the technology part of “people, process and technology”, and suggested that instead of leading with technology, we need to focus on the human side of the SOC.

“Leaders need to invest time to understand the SOC analysts’ challenges. Leaders must invest time in developing and mentoring SOC analysts,” Holland said. “Leaders must establish processes that minimize SOC burnout and improve SOC analyst retention. You can have market-leading technology, but if you can’t recruit and retain staff to run it, you are just investing in ‘expense in-depth’ and wasting your resources.”

The study also found that while more than half of leaders lauded the investigative capabilities of their SOC, only one-third of staff gave it high marks.

In assessing the communication of SOC strategy “to the trenches,” nearly 60% ranked communication as average or below average, with more than one-third rating communication as solidly below average.

John Bambenek, principal threat hunter at Netenrich, a digital IT and security operations company, added that the larger organizations are, the more distance there is between teams and the more competition there is in business priorities.

“Security often has a poor hand because no revenue has ever been derived by being more secure—even in security companies,” he said. “The more bureaucratic an organization is, the more this problem tends to occur.”

From his perspective, ultimately, senior leadership and the board need to insist these issues be resolved.

“Modern IT operations and security operations are not neat little boxes that you can put on an organizational chart; there are interdependencies,” he pointed out. “If executive leadership tells everyone to work together and puts a plan in place and devotes resources to making that happen, middle management and below will have the ability to get it done.”

Making Alerts Actionable

Data science and automation make more alerts actionable, as most alerts are processed the same way with the same steps to investigate and analyze the incident.

Bambenek said automation can simply take the work normally done in 50 browser tabs and just present that with the alert so the analyst can take it the final mile.

“There really are two issues that need to be addressed,” he said. “The SOC needs to be less overloaded which means using automation to process alerts completely or at least deal with the bulk of routine analysis.”

He said the second item is cultural, as there is no tool that can solve turf and silo issues.

“Those issues need to be handled by executive leadership, which means SOC leadership needs to invest the time in breaking down barriers so different parts of the organization can work as partners and not adversaries,” he said. “The path between ITOps and SecOps is trending toward convergence in many places, and that is not a bad thing.”

Source: Security Boulevard
Tags: ITOps, SecOps, SOC
