Parabellum: 2019 SANS SOC Survey Recap, Overcoming SOC Staffing Challenges
The 2019 SAN SOC Survey recap webinar, conducted in July of 2019, was hosted by Oren Aspir, CTO of Cyberbit, and Yarden Altman, Cyberbit incident response expert and former SOC manager. The Webinar covered the key survey findings, changes from 2018 to 2019, how to overcome the skill shortage, and the role of SOAR in SOC optimization,.
The objective of the SANS SOC Survey was to provide an overview from over 350 SOC leaders on the role, performance, technologies and processes applied in SOCs, and to offer guidance to build, maintain, and mature effective SOCs.
Key SOC Statistics included: 50% of SOCs have 2 – 10 FTEs, 10% say they have all their smart systems covered by the SOC, 11% of SOCs automate their performance metrics, and 94% of organizations keep IR as an internal function, in most of them (77%) IR is part of the SOC
“The main two barriers we had last year are the same…Lack of skilled staff and lack of automation and orchestration,” Aspir said.
Aspir discussed the issues surrounding effective training of staff, and Altman explained the 6 key elements for a successful SOAR implementation. Altman then introduced SOC 3D and shared some KPI lifts from customers who implemented SOC 3D.
“We have seen a 90% reduction in response time to incidents, which translates to more incidents per shift, or less people per shift,” Altman said.
For the latest news, videos, and podcasts in the Software & Electronics Industry, be sure to subscribe to our industry publication.