Skip to main content
close search
site logo
Dive Brief

Half of SOCs say COVID-19 impacted their performance: report

Published Jan. 13, 2021
Samantha Schwartz's headshot
Samantha Schwartz Reporter
laptop, coding, code, cybersecurity
Rangel, David. [photograph]. Retrieved from https://unsplash.com/photos/4m7gmLNr3M0.

Dive Brief:

  • The return on investment for just over half (51%) of security operation centers (SOCs) is worsening, according to a Ponemon Institute survey of 17,200 IT and IT security practitioners with a SOC. In 2019, only 44% of respondents said their SOC ROI was not improving. 
  • The majority of respondents (80%) said their SOCs' complexity is growing, and is further damaged by security analyst turnover. On average, three analysts either resign or are terminated in a one year time period. SOCs have an average of 12 IT security practitioners. 
  • The pandemic sent at least one-third of SOCs home to work in remote environments, according to Ponemon. More than half of SOCs said it has "significantly" impacted their performance as a result.

Dive Insight:

Before the pandemic, some companies' SOCs were already struggling with operations. With new challenges carried over from 2020, SOCs are making do with what they have. 

Ideally, companies should build their own SOC, said Barak Engel, founder and chief geek at EAmmune, while speaking on a virtual SANS Institute fireside chat Monday. 

In-house SOCs allow companies to manage their infrastructure, even though outsourced SOCs have more experience in diverse environments, said Engel. Last year, 28% of respondents said their SOC was in-house, down from 32% in 2019. Twenty-nine percent of organizations have a combination of in-house and outsourced SOCs, according to the report. 

Hiring and talent retention pose a central hurdle for effective SOCs. Security analysts retain their position for about 26 months, according to the 2020 survey, down from 27.2 months in 2019. 

"The kind of people you usually try to hire the SOCs are folks that are very talented. I see this all the time," said Engel. But they may be the wrong type of people to build out a long-lasting SOC.

The motivation of engineers companies typically hire for "routine, repeatable, utterly boring mind-numbing tasks" can dwindle. In that time, they might start experimenting, which could lead to a promotion or other departure from the SOC. Even growing salaries — SOC analyst salaries increased from $102,000 to $111,000 between 2019 and 2020 — cannot prevent analysts from leaving. Nearly half of SOC practitioners expect the trend to continue in 2021. 

But a primary reason for analyst turnover is burnout, according to Ponemon. Three-quarters of respondents either "agree" or "strongly agree" that their analysts face burnout from "the high-pressure environment." 

For finding the right talent, Engel recommends companies "stop looking for smart engineers, and start looking for people with discipline experience, like army veterans." These are the "folks that are used to the idea of repeatable tasks are executed the same way every day," he said.

Recommended Reading

Filed Under: Leadership & Careers

Editors' picks

Company Announcements

View all | Post a press release
DigiCert Unveils 2025 Security Predictions
From DigiCert
November 21, 2024
Nile Adds Industry’s First Campus Zero Trust Delivered As a Service
From Nile
November 21, 2024
Fathom5’s ARIA Technology Joins NSIN Propel Maritime Digital Defense Accelerator
From Fathom5
November 18, 2024
TrustNet Named 2024’s Best Compliance Advisory and Audit Firm at CDM’s Annual Top InfoSec Inno…
From TrustNet
November 06, 2024
Editors' picks
Latest in Leadership & Careers
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell