Exabeam has released its annual State of the SOC report, identifying shifting roles and responsibilities as one of the most pressing challenges for security operations center (SOC) managers.
As an example of this shift, Exabeam says, C-suite executives are doing more in incident response and threat hunting, while frontline employees are completing fewer operational tasks. Similar to last year, the report also found that SOC staffing remains an issue, as do processes like reporting and documentation, along with alert fatigue and false positives.
The survey sought the opinions of IT professionals in the U.S. and U.K., with management responsibilities in operations and security. Common roles targeted were CIO/CISO, SOC manager or frontline employee, such as threat researchers, security architects, engineers, analysts and risk officers.
Interestingly, only 5 percent of respondents reported seeing 100 percent of events in the security incident and event management (SIEM) system.
In fact, keeping up with security alerts presented the largest pain point experienced by SOC personnel (39 percent). The top reason cited for this pain was the inability of legacy applications to log events. Without full visibility into events happening throughout the enterprise, SOC managers are more likely to miss security alerts, resulting in greater vulnerability to cyberattacks.
To download the full report, click here.
