Front-line analysts in security operations centers (SOCs) are doing less while C-level executives are doing more, according to a new report. And even senior executives are subject to the same alert fatigue and false-positive issues as their junior employees.
The Exabeam annual "State of the SOC" report is based on surveys with 150 IT executives in the US and UK, carried out by Cicero Group. The surveys found 86% of CIOs and CISOs are now involved in incident response, up from 65% in last year's report. And 67% of CIOs and CISOs are taking part in threat-hunting activities, up from 51% a year ago.
While fewer than half of the SOC analysts are using automation in their work (48%), 34% want to invest in more automation to save time in responding to incidents. It's likely that they would also see this as a way to make the most of human resources, since roughly one-third of executives say their SOC is understaffed by 6–10 employees.
For more, read here.