A large number of Security Operations Centers (SOCs) are understaffed, a newly released report finds. The 2018 State of the SOC Report by Exabeam revealed 55 percent of SOC professionals feel that their SOC is correctly staffed, 45 percent believe that their SOC is understaffed and 63 percent believe that they could use two to 10 additional employees.
Of those that are understaffed, 34 percent have two to five employees, 29 percent have six to 10 employees, 18 percent have 11 to 20 employees, another 18 percent have more than 20 employees, and one percent have only one employee.
The most important skills of SOC professionals were identified as data loss prevention, the ability to work in teams, malware analysis skills, and network and system administration. Digital forensics and communication were cited as gaps in the current skills of SOC professionals.
The top reasons for retention among employees were high wages, a challenging work environment, and workplace benefits, while heavy competition among security employees was the biggest challenge for retention, according to the report.
The report also found that it is common for organizations to outsource some SOC functions, with 40 percent of respondents saying that they outsource. Outsourced functions include network expertise (48 percent), data monitoring (47 percent), threat analysis (45 percent), malware analytics expertise (40 percent), after-hours coverage (37 percent), incident response (33 percent), endpoint detection and response expertise (32 percent), and threat intel experience (28 percent). Five percent said the entire SOC was outsourced.
Another important finding of the report was that keeping up with security alerts was the biggest pain point identified. Half of the frontline employees were concerned with outdated equipment, while only 29 percent of managers and 22 percent of CIOs and CISOs were concerned. Additionally, more than half of SOC professionals feel that technology is underfunded.