Devo has released its annual SOC performance report, detailing the state of the SOC across a range of organizations.
SOC performance report released.
Devo’s annual SOC Performance Report was released today, surveying professionals about the state of the SOC.
Results: “essential,” or at least “very important.”
The results of the survey show that 77% of respondents believe that their SOC is “essential” or “very important” to their company’s cybersecurity strategy. While most respondents considered their SOC effective, those who didn’t believed that their SOC lacked visibility into the attack surface and faced challenges hiring and retaining skilled employees. Cyber risk compliance, threat detection, and incident response and remediation were found to be the most prominent SOC services provided by organizations, with threat hunting and cloud-native capabilities listed as the top two services planned to be added within the next year.
The role of the SIEM.
The role of a security information and event management (SIEM) system is also discussed. For respondents whose organizations use a SIEM, threat detection, threat investigation, and incident response were among the most common services provided by the SIEM. 90% of respondents rate their SIEM as “effective” to “very effective,” with 25% of respondents giving it a 9 or 10 on a 10-point scale. Surveyors also asked about the shortcomings of respondents’ SIEM capabilities: a lack of machine learning capabilities was by far the largest reason the system is found to be ineffective, with cost and lack of integration trailing behind.