Features Research
Hewlett Packard 2017 State of Security Operations Report finds SOCs still struggling

 
This year’s report highlights the importance of a balanced approach to cybersecurity that incorporates the right people, processes and technologies to match the sophistication and speed of today’s adversaries, HPE notes.

According to the report, a SOC that is well-defined, subjectively evaluated and flexible is recommended for the modern enterprise—yet 82 per cent of SOCs are failing to meet this criteria and falling below the optimal maturity level. While this is a 3 per cent improvement from last year, the majority of organizations are still struggling with a lack of skilled resources, as well as implementing and documenting the most effective processes.

Key observations in the report include:

• SOC maturity decreases with hunt-only programs: While organizations that added hunt teams to their existing real-time monitoring capabilities increased their maturity levels, programs that focused solely on hunt teams had an adverse effect.

• Complete automation is an unrealistic goal: Advanced threats still require human investigation and risk assessments need human reasoning, making it imperative that organizations strike a balance between automation and staffing.

• Focus and goals are more important than size of organization: Organizations that view security as a competitive differentiator, market leadership, or alignment with their industry are better indicators of more mature SOCs.

• Hybrid solutions and staffing models provide increased capabilities: Organizations that keep risk management in-house and scale with external resources can boost their maturity and address the skills gap.