Businesses Now Spend a Third of Their Cybersecurity Budget on SOC

Organizations with a dedicated security operations center (SOC) know how much it helps in combating cyber threats. 72% of IT security practitioners in organizations with a SOC categorize the unit as “essential” or “very important” to their organization’s cybersecurity strategy. However, 60% of SOC team members are considering changing careers or quitting due to stress.

The importance of a SOC to an enterprise is underscored by the critical nature of its activity. A survey by Ponemon Institute, commissioned by Devo, reveals strong alignment (73%) between cybersecurity efforts and core business objectives in organizations with high-performing SOCs – more than double the effectiveness of their lower-performing brethren. Additionally, the average annual cybersecurity budget for organizations rose by $6 million to $31 million, with the SOC representing more than a third of the total.

Yet barriers facing SOC teams are growing. One in six SOC team members is considering changing careers or leaving their job due to stress, according to the data. Major areas of pain and friction include:

  • 70% lack visibility into the IT infrastructure (up from 65%)
  • 64% fight turf or silo issues between IT and the SOC (up from 57%)
  • 71% need greater automation (up from 67%), especially as they continue to spend substantial manual cycles on tasks such as alert management (47%), evidence gathering (50%), and malware protection and defense (50%)
  • Environmental factors are substantially driving pain, including information overload (67%, up from 62%), burnout from increased workloads (75%, up from 73%) and “complexity and chaos” in the SOC (53%, up from 49%)
  • The skills shortage remains a perennial issue, reported by more than 50% of respondents, and further exacerbates the problem
  • People, process and technology are misaligned and inefficient across the board

Organizations are sitting on too many tools and lack the ability to capture actionable intelligence. More than half have no formal training/retention programs but, at the same time, they say the lack of skilled personnel is a major factor in SOC inefficiency. Finally, mean time to response (MTTR) remains high, with 39% saying their average time to resolve an incident is “months or even years.”

Bitdefender’s SOC-driven Managed Detection and Response (MDR) service monitors detailed telemetry to quickly and effectively respond to malicious activities, actively removing the threat, reducing dwell time and limiting any damage.

*** This is a Security Bloggers Network syndicated blog from Business Insights In Virtualization and Cloud Security authored by Filip Truta. Read the original post at: