We regret to inform you that we will no longer be publishing Information Management. It has been an honor to provide you with the insights and connections to move your career forward. We wish you continued success on your professional journey and welcome you to explore our other titles at www.arizent.com/brands.

Firms lack faith in information security operations centers

While the security operations center (SOC) is considered an important component of business, many organizations rate their SOC’s effectiveness as low, according to a new report from Ponemon Institute and data analytics platform provider Devo Technology.

For the research, Ponemon Institute surveyed 554 IT and security practitioners worldwide in organizations that have a SOC, and found that 49 percent of the respondents said their organization’s SOC is not fully aligned with business needs. Problems such as a lack of visibility into the network and IT infrastructure, lack of confidence in the ability to find threats, and workplace stress on the SOC team are diminishing its effectiveness.

In addition, security professionals said working in the SOC is a challenge, leading 65 percent to report having considered changing careers or quitting their jobs. As a result of these factors, 78 percent of respondents said the mean time to resolution (MTTR) can be weeks to months or even years.

The top barrier to SOC success, according to 65 percent of respondents, is a lack of visibility into the IT security infrastructure effectiveness. More than half of the respondents (53 percent) rate their SOC’s ability to gather evidence, investigate, and find the source of threats as ineffective. The primary reasons are limited visibility into the network traffic, lack of timely remediation, complexity, and too many false positives.

For reprint and licensing requests for this article, click here.