Security teams overconfident in detecting cyberthreats


New research has revealed that security operation centres are not adequately focused on threat dwell time.

Exabeam, the Smarter SIEM™ company, has released its annual report examining the processes and effectiveness of corporate security operations centers (SOCs). The 2020 State of the SOC Report reveals that 82% of SOCs are confident in their ability to detect cyberthreats, despite just 22% of frontline workers tracking mean time to detection (MTTD), which helps determine hacker dwell time.

This unfounded confidence is made worse by the fact that 40% of organisations still struggle with SOC staff shortages and finding qualified people to fill the cybersecurity skills gap.

Cyber technology trends

Dwell time, the time between when a compromise first occurs and when it is first detected, has grown, according to Steve Moore, chief security strategist at Exabeam. SOCs are paying greater attention to employee well-being and measures for better communication. “However, disparate perceptions of the SOCs’ effectiveness could be dangerously interpreted by the C-suite as assurances that the company is well-protected and secure, when it’s not.”

SOC leaders and frontline analysts do not agree on the most common threats facing organisations. SOC leaders believe that phishing and supply chain vulnerabilities are more important issues, while analysts see DDoS attacks and ransomware as greater threats.

Small and medium-sized teams are more concerned with downtime or business outage (50%) than with threat hunting, and yet the majority of respondents (61%) cited threat hunting as a must-have hard skill. In general, monitoring and analytics, access management and logging are all higher priorities this year. To support this, most SOCs expect to see security orchestration, automation and response (SOAR) tools take precedence over other technologies in upcoming years.

Cyber staffing 

SOCs in the UK and the USA have shown year-on-year improvements in recruiting costs and identifying candidates with the right expertise. Workplace benefits, high wages and a positive culture were this year’s top drivers for retention in nearly 60% of SOCs.

There remain challenges, however. 64% of frontline employees in SOCs reported a lack of career path as a reason for leaving jobs. And many SOCs reported that they lacked the necessary investment in technology, training and staffing to do their jobs well. These are some of the reasons that nearly a quarter of SOCs in the USA (35% across Canada) report being understaffed by more than 10 employees.


The Exabeam 2020 State of the SOC Report was conducted among 295 respondents across the USA, the UK, Canada, Germany and Australia.


Copyright Lyonsdown Limited 2021
