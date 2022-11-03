The SOC is the engine that protects organizations worldwide today. Its core mission remains to help the enterprise manage cyber risk. The new Devo SOC Performance Report shows that security professionals behind the scenes are feeling the pain due to too much work and not enough resources.

That means that SOC leaders today have a real balancing act when it comes to retaining analysts amid immense talent shortages and turnover. Respondents reported that average time to fill a SOC position is seven months. And 71% of SOC professionals said they’re likely to quit their job, with the top reasons being information and work overload, followed by lack of tool integration, and alert fatigue.

Devo

Let’s take a deeper look into the challenges facing SOC professionals.

Sources of Pain

SOC work is difficult work. There’s almost constant pressure and failing to succeed can have significant short and long-term consequences on the organization. Despite progress and some positive responses throughout the report, there is no question that SOC work is painful, and it takes a toll on those who perform it.

The top two reasons that make working at the SOC painful for analysts are burnout caused by growing workload (34%) and losing to adversaries (32%). In addition, 78% of SOC staff work overtime, averaging seven extra hours per week.

Devo

SOCs need to make significant adjustments in how they operate and manage their people to make SOC work less painful, while also improving their organizations’ overall security posture.

How to Address SOC Burnout

Traditional stress management techniques can help, including focusing on tactics and techniques to provide better support for workers and giving them more time to rest and recharge.

But respondents also point to workforce automation, advanced analytics and machine learning as effective ways to alleviate SOC analyst pain. These combined capabilities will enable overburdened SOC analysts, who are burning out from the pressures of their work, to focus on the most critical issues so they can perform faster, more effective incident response and detection to resolve threats decisively.

Devo

As with most complex and serious problems, there are no easy answers. But it’s clear that a new SOC model is required for organizations to stay ahead of the continued shortage of skilled analysts, the exponential increase in data, and the volume and severity of cyberattacks.

What Can Leaders do?

According to the report, there are several steps that security leaders can take to remedy the situation.

SOC staffers favor a mental well-being approach to addressing pain, with 41% saying “stress management” and “psychological counseling” would help.

Spending more money on SOC services was seen as the top method of support by 39% of staff.

Almost 40% of staffers said “recognition from senior leadership” would help alleviate pain.

Help prioritizing incidents and tasks was a suggestion by 37% of staffers.

But the most effective responses to the pain and disillusionment of SOC staff must begin with improved communication and collaboration between leaders and staff. For example, working together to create a culture of growth – one where leaders are investing time and energy into bettering the skills and career trajectory of analysts – will result in a more enticing environment for hiring candidates and provide more appreciation for hard-working staff.

This report is based on survey results from 1,100 decision-makers and non-management staff from organizations with 1,000+ employees that operate a security operations center across the U.S., Canada, UK, France, Germany, Italy, and Australia/New Zealand. Download the full report here.