TMCnet News
Coordinate Efforts for SOC Improvement: Results of the 2019 SANS Security Operations Center SurveyBETHESDA, Md., June 25, 2019 /PRNewswire/ -- Integrating efforts of network operations centers (NOCs) and outsourcing security operations tasks offer major avenues toward improving SOC effectiveness and efficiency, according to results of a survey to be released by SANS Institute on July 10 and discussed on July 11. Organizations often realize improved efficiency through integration with internal resources, such as NOCs. We did see an uptick in organizations integrating NOC and SOC operations, an important way to increase both effectiveness and efficiency, especially when outsourcing is not feasible. Thirty-four percent of respondents reported either fully integrating or effectively working with their NOC. "Though we saw some improvement this year, most SOCs still aren't fully leveraging the potential of interaction with their NOCs," says Christopher Crowley, SANS security operations and incident response team management instructor, and author of the survey. "If you aren't consistently leveraging this 'sibling' in your organization, you're missing efficiency and knowledge-sharing opportunities." Survey results indicate that staffing continues to be a problem for security-minded organizations, with 58% of respondents citing lack of skilled staff as a barrier to excellence. Outsourcing such tasks as pen-testing, digital forensics and threat intelligence—at least until organizations have developed standard use cases appropriate for their business operations—is one way to reduce the burden on in-house staff. "A SOC is an expensive proposition with substantial operational costs and staffing needs," continues Crowley. "To minimize these costs, or to deal with staffing restrictions, organizations need to consider their options. And, outsourcing some functions offers opportunities to reduce in-house responsibilities and improve SOC functionality." These and other suggestions for improving the efficiency and effectiveness of SOCs are discussed in the SANS 2019 Security Operations Center Survey, along with context provided by SOC managers from small-to-medium size organizations. Full results will be shared during a July 10 webcast at 1 PM EDT, sponsored by Anomali, BTB Security, Cyberbit, DFLabs, ExtraHop, Siemplify, and ThreatConnect, and hosted by SANS. Register to attend the webcast at https://www.sans.org/webcasts/110050. Representatives of ExtraHop, Siemplify, and ThreatConnect join Chris Crowley and SANS director of emerging technologies John Pescatore for a panel discussion on the results on July 11 at 1 PM EDT. Register to attend that webcast at https://www.sans.org/webcasts/110075. Those who register for the webcast will also receive access to the published results paper developed by SANS analyst and security operations expert, Chris Crowley, with advice from John Pescatore. Tweet This: See what #security practitioners have to say about their SOC experiences in our upcoming 2019 SANS #SOC Survey webcast with @CCrowMontance & @john_pescatore on 7/10 @ 1PM ET | https://www.sans.org/webcasts/110050 Gain greater insight into capabilities and implementations | @CCrowMontance & @john_pescatore discuss selected results with sponsors on 7/11 @ 1PM ET | https://www.sans.org/webcasts/110075 About SANS Institute
SOURCE SANS Institute 
|
View original content: