Security Operations Center (SOC) Performance Falling Short

by ITECHNEWS
December 23, 2021
in Leading Stories, Opinion

Disconnects between how security operations center (SOC) leadership and staff perceive organizational effectiveness and capability are hampering efforts to combat cybercrime and other issues, according to a report.

The global survey of more than 1,000 cybersecurity professionals, conducted by the Ponemon Institute in September 2021, found more than 70% of SOC staff rate their “pain” level from a seven to 10 on a scale of 10.

The study also revealed “turf and silo” issues are still plaguing a majority of organizations, with more than 60% citing them as a primary barrier to success.

‘Turf and Silo’ Issues Plague SOCs

Rick Holland, CISO and vice president of strategy at Digital Shadows, a provider of digital risk protection solutions, said “turf and silo” issues can plague all departments across a company, and that it’s not unique to the SOC.

“These types of problems are primarily a failure of leadership,” he said. “Executive sponsorship and support are critical to breaking down silos, eliminating kingdom building and minimizing turf wars.”

He explained that, if the SOC’s mission isn’t understood and prioritized at the highest level of the company, then the turf and silo drama will only continue, adding that the disconnect between SOC leadership and SOC staff is also a failure of leadership.

“Security leaders must come down from the ivory tower and understand the ground truth,” Holland said. “One way to get ground truth is to conduct skip-level meetings with the frontline SOC staff. Weak, inappropriate or misaligned metrics and reporting could also contribute to the disconnect.”

In addition, big data is only getting bigger, so effective SOCs must leverage data science and automation to make alerts actionable and improve efficiency.

From Holland’s perspective, one key to effective SOC work is to have a clear understanding of mission-critical assets and prioritize alerting and playbooks based on this.

“Not all SOC alerts are created equal, so automated triaging and prioritization are must-have SOC capabilities to be effective,” he said.

Focus on the Human Elements of the SOC

He said the focus is so often on the technology part of “people, process and technology,” and suggested that, instead of leading with technology, we need to focus on the human side of the SOC.

“Leaders need to invest time to understand the SOC analysts’ challenges. Leaders must invest time in developing and mentoring SOC analysts,” Holland said. “Leaders must establish processes that minimize SOC burnout and improve SOC analyst retention. You can have market-leading technology, but if you can’t recruit and retain staff to run it, you are just investing in ‘expense in-depth’ and wasting your resources.”

The study also found that while more than half of leaders lauded the investigative capabilities of their SOC, only one-third of staff gave it high marks.

In assessing the communication of SOC strategy “to the trenches,” nearly 60% ranked communication as average or below average, with more than one-third rating communication as solidly below average.

John Bambenek, principal threat hunter at Netenrich, a digital IT and security operations company, added that the larger organizations are, the more distance there is between teams and the more competition there is in business priorities.

“Security often has a poor hand because no revenue has ever been derived by being more secure—even in security companies,” he said. “The more bureaucratic an organization is, the more this problem tends to occur.”

From his perspective, ultimately, senior leadership and the board need to insist these issues be resolved.

“Modern IT operations and security operations are not neat little boxes that you can put on an organizational chart; there are interdependencies,” he pointed out. “If executive leadership tells everyone to work together and puts a plan in place and devotes resources to making that happen, middle management and below will have the ability to get it done.”

Making Alerts Actionable

Data science and automation make more alerts actionable, as most alerts are processed the same way with the same steps to investigate and analyze the incident.

Bambenek said automation can simply take the work normally done in 50 browser tabs and just present that with the alert so the analyst can take it the final mile.

“There really are two issues that need to be addressed,” he said. “The SOC needs to be less overloaded, which means using automation to process alerts completely or at least deal with the bulk of routine analysis.”

He said the second item is cultural, as there is no tool that can solve turf and silo issues.

“Those issues need to be handled by executive leadership, which means SOC leadership needs to invest the time in breaking down barriers so different parts of the organization can work as partners and not adversaries,” he said. “The path between ITOps and SecOps is trending toward convergence in many places, and that is not a bad thing.”
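
The automated triage described above (prioritizing by mission-critical assets, attaching context to the alert, and closing routine alerts without an analyst) can be sketched as follows. This is an added example, not code from the report or from anyone quoted; the asset inventory, scanner list, scoring formula, threshold and alert fields are all constructed assumptions.

```python
from collections import defaultdict

# Constructed asset inventory: criticality 1 (lab) to 5 (mission-critical).
ASSETS = {
    "pay-db-01": {"criticality": 5, "owner": "payments"},
    "hr-web-02": {"criticality": 3, "owner": "hr-it"},
    "lab-vm-17": {"criticality": 1, "owner": "research"},
}
KNOWN_SCANNERS = {"10.0.9.5"}   # constructed: authorised vulnerability scanner
SEVERITY = {"low": 1, "medium": 2, "high": 3}
ESCALATE_AT = 10                # assumed threshold for paging an analyst

def triage(alert, by_src):
    """Enrich one alert with the context an analyst would look up by hand."""
    # Hosts missing from the inventory get an assumed default criticality of 2.
    asset = ASSETS.get(alert["host"], {"criticality": 2, "owner": "unknown"})
    related = [i for i in by_src[alert["src"]] if i != alert["id"]]
    context = {"owner": asset["owner"], "criticality": asset["criticality"],
               "related_alerts": related}
    if alert["rule"] == "port_scan" and alert["src"] in KNOWN_SCANNERS:
        # Routine case handled completely by automation.
        score, disposition = 0, "auto-closed"
    else:
        # Assumed formula: severity weighted by asset criticality, plus one
        # point for each other alert raised by the same source.
        score = SEVERITY[alert["severity"]] * asset["criticality"] + len(related)
        disposition = "escalate" if score >= ESCALATE_AT else "queue"
    return {"id": alert["id"], "score": score,
            "disposition": disposition, "context": context}

def prioritize(alerts):
    """Return enriched alerts ordered from most to least urgent."""
    by_src = defaultdict(list)
    for a in alerts:
        by_src[a["src"]].append(a["id"])
    return sorted((triage(a, by_src) for a in alerts),
                  key=lambda t: t["score"], reverse=True)

# Constructed sample alerts (documentation and private address ranges).
SAMPLE_ALERTS = [
    {"id": "A1", "host": "lab-vm-17", "src": "203.0.113.7",
     "rule": "malware_detected", "severity": "high"},
    {"id": "A2", "host": "pay-db-01", "src": "10.0.9.5",
     "rule": "port_scan", "severity": "medium"},
    {"id": "A3", "host": "pay-db-01", "src": "198.51.100.23",
     "rule": "brute_force_login", "severity": "medium"},
    {"id": "A4", "host": "hr-web-02", "src": "198.51.100.23",
     "rule": "brute_force_login", "severity": "low"},
]

if __name__ == "__main__":
    for t in prioritize(SAMPLE_ALERTS):
        print(t["id"], t["score"], t["disposition"], t["context"])
```

On the sample data, the medium-severity login alert on the payments database outranks the high-severity alert on the lab VM, and the scanner's port scan never reaches the queue.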

Source: Security Boulevard
Tags: ITOps, SecOps, SOC