VIEWPOINT
THE STATE OF THE SOC SKILLS SHORTAGES, AUTOMATION AND GAINING CONTEXT REMAIN A CHALLENGE FOR SOCS, WRITES FIRAS GHANEM, REGIONAL DIRECTOR - MIDDLE EAST & PAKISTAN AT THREATQUOTIENT.
T
he security operations centre (SOC) has been on the front line facing the pandemic-induced escalation of cybersecurity threats in the past eighteen months. A 2020 study by Forrester found that the average security operations team receives more than 11,000 alerts per day and that figure is likely to have grown in the intervening period. While they were deeply engaged responding to the crisis, SOC teams were simultaneously facing the disruption common to all formerly office-based workers. They were switching to remote working and learning how to continue collaborating successfully with colleagues at a distance. As SOCs take stock of the changes and challenges of the past year, it is an opportune moment to explore some of the factors that characterise the modern SOC and the common issues experienced in this crucial sector. The SANS 2021 Survey: Security Operations Center (SOC) does just that in its fifth annual survey. By collecting and analysing the views of security analysts and team managers across a broad spectrum of industry sectors, the study draws insight across a range of issues. It is a valuable benchmark for SOCs who wish to compare their approach and actions with others in the industry. Several findings stood out for me as
22
CXO INSIGHT ME
DECEMBER 2021
