We regret to inform you that we will no longer be publishing Information Management. It has been an honor to provide you with the insights and connections to move your career forward. We wish you continued success on your professional journey and welcome you to explore our other titles at www.arizent.com/brands.

More firms creating security operations centers to battle growing threats

Security operations centers are critical to working and performing in today’s digitized economy, as a greater share of business operations and sensitive data are brought online, according to a new report from Ponemon Institute.

The study was sponsored by Respond Software, a provider of robotic decision automation software, and is based on a survey of 637 IT and IT security practitioners in organizations that have a SOC and are knowledgeable about cyber security practices in their organizations.

Nearly three quarters of the respondents (73 percent) view their organization’s SOC as crucial a element of their cyber security strategy. Spending on SOCs reflect this importance, the report said, with organizations investing an of average $2.86 million annually on their in-house SOCs.

The average cost jumps to $4.44 million annually for organizations that outsource to a managed security service provider (MSSP).

Despite this substantial investment, nearly half of the organizations (49 percent) are dissatisfied with the effectiveness of their SOC in detecting attacks. Of those that turned to an MSSP, 58 percent rated their MSSP as ineffective.

Part of this dissatisfaction stems from the high cost of MSSPs, often twice the cost of staffing and managing a SOC in-house. Many of the respondents (63 percent) are looking for a way out, including reviewing new vendors or bringing the SOC function in-house.

For reprint and licensing requests for this article, click here.