65 percent of cybersecurity analysts say they've considered quitting

quitting job

Working in a security operations center is stressful, so much so that 65 percent of analysts report having considered changing careers or quitting their jobs.

This is among the findings of a new study carried out by the Ponemon Institute for data analytics platform Devo Technology, which also finds that 49 percent say their SOC is not fully aligned with business needs.

The top barrier to SOC success, according to 65 percent of respondents, is the lack of visibility into the IT security infrastructure and the top reason for SOC ineffectiveness, according to 69 percent, is a lack of visibility into network traffic.

Threat hunting teams have a difficult time identifying threats because they have too many IOCs (Indicators of Compromise) to track, too much internal traffic to compare against IOCs, lack of internal resources and expertise and too many false positives. More than half of respondents (53 percent) rate their SOC's ability to gather evidence, investigate and find the source of threats as ineffective. The primary reasons are limited visibility into the network traffic, lack of timely remediation, complexity and too many false positives.

In addition SOCs don't have high interoperability with their organization's security intelligence tools. Other challenges are the inability to have incident response services that can be deployed quickly and include attack mitigation and forensic investigation services.

"The survey findings clearly highlight that a lack of visibility and having to perform repetitive tasks are major contributors to analyst burnout and overall SOC ineffectiveness," says Julian Waits, general manager of cyber at Devo. "It is critical that businesses make the SOC a priority and evolve its effectiveness by empowering analysts to focus on high-impact threats and improving the speed and accuracy of triage, investigation, and response."

You can get the full report from the Devo website and sign up to a webinar to get more detail on the results.

Image credit: George Rudy / Shutterstock

4 Responses to 65 percent of cybersecurity analysts say they've considered quitting

  1. dpi027 says:

    How does this compare to other jobs ? This number by itself is meaningless if you can't compare it to something else (any jobs at worst, other tech jobs at best) .

    • Mikael Magnuson says:

      It's at least interesting to those of us who work in a SOC. Helps me understand how my shop is in comparison to some norm.

  2. MyDisqussion says:

    I've worked with teams where they are split. One team manages the SIEM and sensors, and the other team reviews the alerts. I can't imagine having to do that job day in and day out.

  3. Greg Zeng says:

    SOC is the insurance company for digital systems. Most of the time, no real positives; just emotionally overwhelming series of false positives. The SOC staff are like the SOC staff in our secret police forces, or the career military staff in nation that does not see warfare.
    Here in Australia so many "careers" are becoming redundant & boring because of the emerging technology replacing the jobs.
    Hopeully SOC in digital systems will have the AI to also replace their ego-destroying rate of work. For example now, Microsoft has such "good" malware prevention that the Windows malware-prevention industries seem to be struggling. Finally. Microsoft is now doing their corporate responsible duty, to almost nullify the other companies.

© 1998-2020 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.