The rapid growth of the Internet in recent years has led to an increasing number of threats affecting businesses, compromising their business model and, of course, their profitability. Faced with this situation, it is not surprising in recent years that companies have exponentially increased their investments in SOCs, the security centers in charge of proactive and real-time detection of threats.
As taken from the Devo SOC Performance ReportTM by Devo, the cloud-native data security and analytics company, 72% of IT and cybersecurity professionals see SOCs as critical or very important to their overall cybersecurity strategy. . Likewise, the average annual budget for bebersecurity in enterprises increased by $ 6 million last year to reach $ 31 million, or a third of that in the case of SOC.
“At first glance, the data is positive and we can clearly see how more and more companies are betting on cybersecurity as one of their key areas. However, the growth of the budget and the successes hide a serious problem within the human team in charge of the tasks of the company, a SOC, which achieves modest success in exchange for the consumption of very precious resources ”, states Julian Waits, CEO of Cyber Security at Devo.
Cybersecurity professionals have collapsed
However, this growth in investment has not been offset by fewer problems, directly affecting employees. Specifically, 60% of cybersecurity professionals are considering the possibility of changing careers or quitting their job due to stress, and 75% say they are burnt out due to the increased workload in recent years.
Among the causes of this situation are the lack of training programs in this regard and the resulting lack of qualified professionals. Thus, half of those interviewed by Devo point out that there is a problem of staff shortages within SOCs and more than 50% say that their company does not have training programs in place – despite the fact that 3 out of 4 claim to be very important-.
On the other hand, other causes of this exhaustion among professionals are the lack of visibility of their work within IT infrastructures, the lack of process automation or the high average response time which can be several months. or even several years to solve a problem.
“It is clear that significant reforms need to be undertaken to achieve greater efficiency and greater engagement in SOCs, resulting in less stress on analysts, especially in the face of a new economic normal that may limit investment. for a while, ”says Waits.
Finally, professionals consider that the main actions to alleviate and reduce stress should be increased automation of the workflow (71%), the implementation of advanced machine learning / analytics technology and access to all the necessary content and information (55%).