Close
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Menu
eWEEK.com
Search
eWEEK.com
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    Why Security Teams Are Burning Themselves Out

    By
    EWEEK EDITORS
    -
    February 8, 2021
    Share
    Facebook
    Twitter
    Linkedin

      Recently The Wall Street Journal published an article titled “Cyber Chiefs Watch Their People for Burnout as Pandemic Rolls On, which posited that IT security teams are burning out even more quickly than before the COVID-19 pandemic. With IT security teams supporting a vastly new remote workforce—and an even wider attack surface—that increases sophisticated cyberattack attempts by adversaries, the scales have tipped even more but not in the security operations center (SOC) teams’ favor.

      They are managing dozens of, if not far more, security solutions, and manually sorting through hundreds or even thousands of security alerts in order to close the gap between detection and response, fueling the growing epidemic of analyst burnout and putting enterprises at risk. Traditional security information and event management (SIEM) solutions used by many organizations and security teams are inadequate and failing to meet the growing needs of security analysts and the SOC, especially now.

      Despite gains in budget and a strategic priority for SOCs, burnout, overload and chaos persist in many organizations. Major reforms in security operations are critical now more than ever. In June 2020, the Ponemon Institute revealed its second annual SOC Performance Report that surveyed nearly 600 IT and IT security practitioners in organizations that have a SOC and are knowledgeable about their organizations’ cybersecurity practices. The survey, conducted from March 11 to April 5, 2020, found that nearly 80% of the respondents said working in a SOC is very painful.

      Additionally, 60% say the stress of working in the SOC has caused them to consider changing careers or leaving their jobs. Even worse, 69% of respondents say it is very likely or likely that experienced security analysts would quit the SOC.

      Further reading

      • Protecting Employees Doesn’t Have to Sacrifice Data…
      • Veritas Adds Scale-out Functionality to NetBackup 9

      Here are six best practices to consider if you believe your SOC team is burning itself out. This is industry information provided by Julian Waits, GM of Devo’s cybersecurity unit.

      Data Point No. 1: Advocate on behalf of your team.

      The CISO is the bridge between the SOC and the C-suite. While most CEOs and boards are becoming increasingly security conscious, it’s up to the CISO to effectively communicate why a SOC filled with burned-out analysts will compromise security and, in the long run, hurt the company’s bottom line. Equipping your SOC with technology that automates and streamlines the repetitive aspects of analysts’ workflow will benefit the entire organization.

      Data Point No. 2: Broaden your analysts’ soft skills.

      A shortage of talent and the challenge to retain skilled analysts comprise both sides of the platinum broken record of the security industry. Keep analysts engaged with practices such as job rotation and encourage them to learn more about the organization’s business will help them understand exactly what they’re working hard to protect.

      Data Point No. 3: Fuel professional growth.

      Helping your SOC analysts develop their technical as well as their business skills creates a culture of professional growth and advancement, not job hopping. Improve their presentation and communication skills by creating opportunities to present their work to non-technical colleagues and company leaders. This will enhance analysts’ skills and provide valuable exposure to important decision makers.

      Data Point No. 4: Reevaluate your hiring practices.

      Given the well-established shortage of talent, the idea of who we’re hiring to work in the SOC must change. If we insist on only hiring people with a certain degree from particular universities who have specific years of experience in exact roles with certifications X, Y, and Z, we will never solve the talent problem. It’s time to start looking at the qualities of an individual that indicate skills such as the ability to move quickly, innovate, think critically, and solve problems, rather than a rigid checklist of outdated milestones. Additionally, one thing the COVID-19 pandemic has taught us is there’s no need for geographical bias when it comes to hiring the best talent. With remote working, you can widen your net across the country and hire the best person for the job.

      Data Point No. 5: Understand the increasingly important role of automation.

      In a successful SOC, automation helps analysts work fast and more efficiently, so they can focus on the threats that pose the greatest risks to your organization. Automating evidence collection will significantly reduce duplication of effort during investigations and decrease threat fatigue for analysts. Analysts are people, too, and no one enjoys repetitive, unfulfilling work that requires little thinking or creativity. When analysts spend too much of their workdays robotically gathering information from multiple systems, it diminishes their ability to effectively triage and investigate increasingly complex threats. Analysts spend the same amount of time on triage and investigation regardless of whether a threat is real or not, or highly impactful to your business or not. This goes back to the importance of Data Point No. 1, advocating for your organization to invest in the right technology for the SOC and the people who work in it.

      Data Point No. 6: Avoid silos in and out of the security team.

      The smartest CISOs are those who build coalitions with their IT counterparts and executive management. When the security team receives an alert about a potential issue affecting the organization, they need to communicate with and seek approval from the affected group before they can get to work. That’s why it takes a cross-departmental management structure to ensure there’s a process in place—from alert to remediation—to ensure the SOC team can work effectively with any other team in the organization.

      MOST POPULAR ARTICLES

      Android

      Samsung Galaxy XCover Pro: Durability for Tough...

      CHRIS PREIMESBERGER - December 5, 2020 0
      Have you ever dropped your phone, winced and felt the pain as it hit the sidewalk? Either the screen splintered like a windshield being...
      Read more
      Cloud

      Why Data Security Will Face Even Harsher...

      CHRIS PREIMESBERGER - December 1, 2020 0
      Who would know more about details of the hacking process than an actual former career hacker? And who wants to understand all they can...
      Read more
      Cybersecurity

      How Veritas Is Shining a Light Into...

      EWEEK EDITORS - September 25, 2020 0
      Protecting data has always been one of the most important tasks in all of IT, yet as more companies become data companies at the...
      Read more
      Big Data and Analytics

      How NVIDIA A100 Station Brings Data Center...

      ZEUS KERRAVALA - November 18, 2020 0
      There’s little debate that graphics processor unit manufacturer NVIDIA is the de facto standard when it comes to providing silicon to power machine learning...
      Read more
      Apple

      Why iPhone 12 Pro Makes Sense for...

      WAYNE RASH - November 26, 2020 0
      If you’ve been watching the Apple commercials for the past three weeks, you already know what the company thinks will happen if you buy...
      Read more
      eWeek


      Contact Us | About | Sitemap

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Property of TechnologyAdvice.
      Terms of Service | Privacy Notice | Advertise | California - Do Not Sell My Info

      © 2020 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×