SOCs Spend 32% of the Day On Incidents That Pose No Threat


A company's Security Operations Center (SOC) is an essential part of its first line of defense. A SOC is a dedicated team of professionals who monitor networks and systems for potential threats, analyze detected issues and take the necessary actions to remediate any risks they uncover.


Unfortunately, SOC members spend nearly one-third (32%) of their day investigating incidents that pose no real threat to the business, according to a new report from Morning Consult. These false alarms waste valuable resources, time and money that are needed to deal with real and significant threats.


Why Is This SOC Statistic So High?


With the current labor shortages in cybersecurity-related fields, no one wants to waste time on meaningless tasks. So why is the percentage of false alarms this high?


One potential explanation is that businesses are not using the right security tools to help reduce false alarms. The Morning Consult report found that nearly half (46%) of surveyed SOC professionals said the average time to detect and respond to a security incident has increased over the past 2 years. Manual investigations were the number one contributor to slowed detection and response, according to 81% of surveyed SOC professionals. If a SOC team uses manual processes or antiquated technologies to detect and investigate events, the likelihood of false positives increases dramatically.


Another possibility is that the team does not clearly understand the threats their organization faces. As a result, they cast too wide a net and end up wasting time investigating potentially harmless alarms. This is usually due to a lack of tr ..
