SOC stresses mean 71 percent of security professionals consider quitting
Information and work overload, insufficient downtime, lack of tool integration, and alert fatigue mean that 71 percent of security operations center professionals say they're likely to quit their job.
A new report from logging and security analytics company Devo Technology shows SOC leaders continue to face a tricky balancing act when it comes to retaining SOC analysts amid major talent shortages and turnover.
Additionally, the report illustrates how leaders' disjointed views of SOC distress and remedies impact analysts' performance and overall work experiences, signaling a need for a change in how SOC work is conducted.
The top two reasons that make working at an SOC painful for analysts are cited as burnout caused by growing workload (34 percent) and losing to adversaries (32 percent). 78 percent of SOC staff work overtime, with an average of seven extra hours worked per week, while a third of analysts face difficulties with operating across too many tools.
"The disillusionment that expert talent faces has a chain reaction that jeopardizes organizational cybersecurity posture," says Kayla Williams, CISO of Devo. "SOC leaders need to restore the disconnect between executives and professionals. Applying modern approaches helps eliminate the distressing components of SOC work and creates better agility in the ever-evolving threat landscape and attack surface. For example, supplementing SOC analysts by implementing AI to flag false positives not only will combat alert fatigue, it can shift analyst focus to real threats their organization faces, driving more value out of the SOC as a business partner."
More than half of leaders and 39 percent of staff think that spending more money on SOC services is the top solution to alleviate the pain experienced by security staff. With extensive financial investments in security operations, automation and analytics hold the power to streamline the most critical aspects of the threat lifecycle, eliminating the repetitive manual tasks that lead to analyst burnout and SOC inefficiency. 37 percent of workers identify advanced analytics, machine learning, and automation as key to alleviating their pain points.
"Organizations need to reduce the burdens of manual work on their analysts with more holistic and intelligent deployments of analytics and automation to get in front of cyber attackers and empower security analysts to be effective and build morale," adds Williams. "The industry is trending toward the era of autonomous SOC, giving SOC teams the breathing room they need while offering end-to-end support in detecting and mediating threats. It is a win-win for the modern organization."
The full report is available from the Devo site.
Image credit: ijeab/depositphotos.com