Security teams overconfident in detecting cyberthreats

New research has revealed that security operation centres are not adequately focused on threat dwell time.

An annual report examining the processes and effectiveness of corporate security operations centers (SOCs) has been released by SIEM provider Exabeam. The 2020 State of the SOC Report reveals that 82% of SOCs are confident in their ability to detect cyberthreats, despite just 22% of frontline workers tracking mean time to detection (MTTD), which helps determine hacker dwell time.

This unfounded confidence is made worse by the fact that 40% of organisations still struggle with SOC staff shortages and finding qualified people to fill the cybersecurity skills gap.

Cyber technology trends

Dwell time, the time between when a compromise first occurs and when it is first detected, has grown. According to Steve Moore, chief security strategist at Exabeam, SOCs are paying greater attention to employee well-being and measures for better communication. "However, disparate perceptions of the SOCs' effectiveness could be dangerously interpreted by the C-suite as assurances that the company is well-protected and secure, when it's not."

SOC leaders and frontline analysts do not agree on the most common threats facing organisations. SOC leaders believe that phishing and supply chain vulnerabilities are more important issues, while analysts see DDoS attacks and ransomware as greater threats.

Small and medium-sized teams are more concerned with downtime or business outage (50%) than with threat hunting, and yet the majority of respondents (61%) cited threat hunting as a must-have hard skill. In general, monitoring and analytics, access management and logging are all higher priorities this year. To support this, most SOCs expect to see security orchestration, automation and response (SOAR) tools take precedence over other technologies in upcoming years.

Cyber staffing 

SOCs in the UK and the USA have shown year-on-year improvements in recruiting costs and identifying candidates with the right expertise. Workplace benefits, high wages and a positive culture were this year's top drivers for retention in nearly 60% of SOCs.

There remain challenges, however. 64% of frontline employees in SOCs reported a lack of career path as a reason for leaving jobs. And many SOCs reported that they lacked the necessary investment in technology, training and staffing to do their jobs well. These are some of the reasons that nearly a quarter of SOCs in the USA (35% across Canada) report being understaffed by more than 10 employees.


The Exabeam 2020 State of the SOC Report was conducted among 295 respondents across the USA, the UK, Canada, Germany and Australia.

Copyright Lyonsdown Limited 2021
