4 Challenges of the SOC: How Decision Intelligence Can Help

Written by
eWEEK EDITORS
Jun 21, 2022

Networks and the valuable data they hold are under attack as never before. That’s bad timing for today’s digital organizations, as they continue to struggle to find anyone with cybersecurity skills, much less the experience and qualifications they truly need to fill their roles.

Too many alerts and repetitive tasks done by too few people lead to burnout and turnover, which further weakens an organization’s security posture.

Decision intelligence can address each of these issues, strengthening cybersecurity and creating greater job satisfaction for some of the most highly prized and direly needed employees an organization has today.

In this article, we outline the four major challenges facing security operations center (SOC) teams today and provide insight on how automation and artificial intelligence can help address these problems.

1) The Cyber Skills Gap

The cybersecurity skills gap persists as hiring and retention become increasingly difficult. According to a new ISACA study, 63% of responding firms have unfilled cybersecurity positions, an increase of 8% since 2021.

The report also revealed that 62% of respondents believe there aren’t enough staff on their cybersecurity teams, and 20% say it takes over six months to locate qualified individuals for vacant positions. There is now a 2.7 million-person cybersecurity skills gap in the world.

In addition, according to the National Institute of Cyber Education (NICE), about half of all managers believe their candidates are unqualified for the roles they are vying for. And in an ISACA survey, 16% of respondents said it takes six months or more on average to fill a new cybersecurity role. There’s an insufficient number of people and there’s a need for more training.

2) Too Many Alerts

SOC staff face an all-day stress scenario. As bad actors become more sophisticated and threat landscapes expand, the number of alerts analysts are dealing with has reached a crescendo. Research by Forrester analysts finds that SOC teams receive an average of 11,000 alerts per day.

And on top of that, many of those are false alerts. IDC’s 2021 “Voice of the Analysts” survey found that at least 45% of incoming alerts are false positives. Analysts are spending time inefficiently wading through these, leading to alert fatigue.

3) Repetitive, Unfulfilling Tasks

Although the use of automation is increasing across industries, many security analysts still report that they spend the majority of their workday doing routine tasks.

A variety of factors could be at work here, including a lack of time to implement new tools, a lack of experts to properly configure the tools, and the need to change existing processes. This also harkens back to the prior point – they are wasting time on false alerts.

4) Burnout

Too many alerts, too many false positives and too many repetitive tasks contribute to the issue of burnout. Because so many organizations depend on their technology, any interruption or security event can result in lost revenue and a negative impact on company reputation. Analysts who are already overburdened will face additional work and stress as a result.

In fact, one recent study found that 71% of SOC analysts feel burned out. Increased workloads might also mean less time for upskilling, making analysts feel like they’ve been painted into a corner.

How Decision Intelligence and AI Can Help

The status quo in the SOC is untenable: leaders are having difficulty finding qualified staff, and the staff they already have are soon burned out. This, however, does not have to remain the case.

As previously stated, decision intelligence is the use of modern technologies such as artificial intelligence (AI) to expedite decision-making and scale people’s ability to handle tasks unique to their job description.

Existing analysts can manage workloads more quickly and easily with decision intelligence. The primary capability of any AI tool should be its ability to learn and adapt to the uniqueness of each business. It should be able to help with decision-making in terms of subject expert knowledge as well as organizational context.

It can relieve analysts of the load of assessing thousands of daily alerts, freeing up time and lowering the risk of human error. They can also devote time to more meaningful work, as well as upskilling and other development and training activities, as a result of the time savings they gain.

For the modern SOC, it’s critical to add “intelligence” to the automation of operations. AI can aid decision-making and automate manual, repetitive processes with greater efficiency as it works in tandem with subject expert knowledge and as it learns the distinctiveness of the organization.

About the Author: 

Horia Sibinescu, CMO, Arcanna.ai
