SANS 2018 Security Operations Center Survey

Awake joined forces with SANS on the 2018 SOC Survey. The report, authored by Christopher Crowley and John Pescatore, provides analysis and findings based on responses from over 500 security professionals across the globe.

The key takeaways include:

  • Asset discovery and inventory tool satisfaction were rated the lowest, leaving security teams blind to what is on their networks.
  • Correlation to triage security events continues to be highly manual exacerbating the security skills crisis.
  • Metrics are used in only about half (54%) of SOCs, indicating we have much work to do improve maturity overall.
  • 62% cite a lack of skilled staff while 53% cite inadequate automation as the most common challenges.
  • 31% of SOCs are staffed with 2–5 people, 36% of SOCs are staffed with 6 to 25 SOC personnel, while 11% had 26 to 100 SOC staff members.