The security operations center (SOC), considered a core component of many organizations' cybersecurity strategies, is plagued with high costs and myriad challenges. Businesses running a SOC often struggle to achieve a high return for what proves to be an expensive investment.
These findings come from a new report entitled "The Economics of Security Operations Centers: What Is the True Cost for Effective Results?" conducted by the Ponemon Institute and commissioned by Respond Software. Researchers surveyed 637 IT and IT security practitioners who work in organizations running SOCs to learn about their economics and effectiveness.
The SOC has been a topic of conversation for much of the past five to six years, as experts seek to learn more about their cost and functionality, says Ponemon Institute chairman Larry Ponemon. Organizations spend an average of $2.86 million each year on their in-house SOC, researchers found. The annual cost jumps to $4.44 million if they outsource to a managed security service provider (MSSP), a number that researchers found surprising. Only 17% of respondents say their MSSP is "highly effective."
Despite the pricey investment, only 51% of organizations surveyed are satisfied with their SOC's effectiveness in detecting cyberattacks. Forty-four percent say their SOC's ROI is worsening.
The most important SOC activities, they say, are the minimization of false-positives (84%), threat intelligence reporting (83%), monitoring and analyzing alerts (77%), intrusion detection (77%), use of technologies such as automation and machine learning (74%), agile DevOps (73%), threat hunting (71%), and cyber forensics (69%).
More than two-thirds (67%) of respondents say training SOC analysts is one of the most critical SOC activities. SOCs heavily rely on human expertise to prevent, detect, analyze, and respond to security incidents. Complexity and hiring challenges ..
Support the originator by clicking the read the rest link below.
