Security Operations Center (SOC) Performance Falling Short

by ITECHNEWS
December 23, 2021
in Leading Stories, Opinion

Gaps in perception between security operations center (SOC) leadership and staff over organizational effectiveness and capability are hampering efforts to combat cybercrime and other issues, according to a report.

The global survey of more than 1,000 cybersecurity professionals, conducted by the Ponemon Institute in September 2021, found that more than 70% of SOC staff rate their “pain” level between seven and 10 on a scale of 10.

The study also revealed “turf and silo” issues are still plaguing a majority of organizations, with more than 60% citing them as a primary barrier to success.

‘Turf and Silo’ Issues Plague SOCs

Rick Holland, CISO and vice president of strategy at Digital Shadows, a provider of digital risk protection solutions, said “turf and silo” issues can plague all departments across a company and are not unique to the SOC.

“These types of problems are primarily a failure of leadership,” he said. “Executive sponsorship and support are critical to breaking down silos, eliminating kingdom building and minimizing turf wars.”

He explained that, if the SOC’s mission isn’t understood and prioritized at the highest level of the company, then the turf and silo drama will only continue, adding that the disconnect between SOC leadership and SOC staff is also a failure of leadership.

“Security leaders must come down from the ivory tower and understand the ground truth,” Holland said. “One way to get ground truth is to conduct skip-level meetings with the frontline SOC staff. Weak, inappropriate or misaligned metrics and reporting could also contribute to the disconnect.”

In addition, big data is only getting bigger, so effective SOCs must leverage data science and automation to make alerts actionable and improve efficiency.

From Holland’s perspective, one key to effective SOC work is to have a clear understanding of mission-critical assets and prioritize alerting and playbooks based on this.

“Not all SOC alerts are created equal, so automated triaging and prioritization are must-have SOC capabilities to be effective,” he said.

Focus on the Human Elements of the SOC

He said the focus is so often on the technology part of “people, process and technology”, and suggested that instead of leading with technology, we need to focus on the human side of the SOC.

“Leaders need to invest time to understand the SOC analysts’ challenges. Leaders must invest time in developing and mentoring SOC analysts,” Holland said. “Leaders must establish processes that minimize SOC burnout and improve SOC analyst retention. You can have market-leading technology, but if you can’t recruit and retain staff to run it, you are just investing in ‘expense in-depth’ and wasting your resources.”

The study also found that while more than half of leaders lauded the investigative capabilities of their SOC, only one-third of staff gave it high marks.

In assessing the communication of SOC strategy “to the trenches,” nearly 60% ranked communication as average or below average, with more than one-third rating communication as solidly below average.

John Bambenek, principal threat hunter at Netenrich, a digital IT and security operations company, added that the larger organizations are, the more distance there is between teams and the more competition there is in business priorities.

“Security often has a poor hand because no revenue has ever been derived by being more secure—even in security companies,” he said. “The more bureaucratic an organization is, the more this problem tends to occur.”

From his perspective, ultimately, senior leadership and the board need to insist these issues be resolved.

“Modern IT operations and security operations are not neat little boxes that you can put on an organizational chart; there are interdependencies,” he pointed out. “If executive leadership tells everyone to work together and puts a plan in place and devotes resources to making that happen, middle management and below will have the ability to get it done.”

Making Alerts Actionable

Data science and automation make more alerts actionable, as most alerts are processed the same way with the same steps to investigate and analyze the incident.

Bambenek said automation can simply take the work normally done in 50 browser tabs and just present that with the alert so the analyst can take it the final mile.

“There really are two issues that need to be addressed,” he said. “The SOC needs to be less overloaded, which means using automation to process alerts completely or at least deal with the bulk of routine analysis.”

He said the second item is cultural, as there is no tool that can solve turf and silo issues.

“Those issues need to be handled by executive leadership, which means SOC leadership needs to invest the time in breaking down barriers so different parts of the organization can work as partners and not adversaries,” he said. “The path between ITOps and SecOps is trending toward convergence in many places, and that is not a bad thing.”

Source: Security Boulevard
Tags: ITOps, SecOps, SOC