The report shares and analyzes research on a range of security operations center practices and outlines the current state of the SOC within many organizations, based on in-depth survey findings of IT and cybersecurity professionals from around the world.
Determine if frameworks are used to define, measure and assess SOC functions and, if so, which framework(s) organizations prefer.
Capture respondents' self-assessment process for their organization's security program maturity and examine the security program components that contribute to maturity.
Learn if organizations benchmark performance and whether they use KPIs to drive improvements in security processes.
The majority of respondents employ a cybersecurity framework, with the National Institute of Standards and Technology Cybersecurity Framework being most popular.
The survey found that 69.4% of respondents currently use a framework to help define and measure policies, processes, and controls, while only 22.1% don't.
Almost three-quarters of respondents that employ a framework use the NIST CSF, almost twice as many as the next three most popular frameworks.
Good news: two-thirds of respondents use metrics to assess and improve security.
Two-thirds of respondents are currently using metrics to assess operational security performance.
The top three metrics collected and measured by respondents include security incidents, vulnerability assessments, and intrusion attempts.
Organizations can improve their use of IT and security training programs and cyber-readiness exercises.
Read the full report to see data on other SOC trends, like hybrid SOC usage, how respondents view the usefulness of security metrics and key performance indicators, and how organizations rate their SOC maturity.
Visit Expel.com to learn more about how Expel improves and simplifies security operations, or book a product demo.
The SANS Institute conducted a comprehensive online survey of IT and cybersecurity professionals from private- and public-sector organizations across industries and geographies between August 2023 and September 2023.
Our technology and people work together to make sense of security signals, with your business in mind, to detect, understand, and fix issues fast.
Powered by our security operations platform, Expel offers managed detection and response, remediation, phishing, vulnerability prioritization, and threat hunting.
SANS Institute is the world's largest provider of cyber security training.
For over twenty-five years, SANS has provided cutting edge training to governments and organizations across the world.
Technology may have changed in that time, but SANS' core mission has remained constant: to protect through sharing cyber security knowledge and skills.
SANS offers over 60 cyber security courses, operates across dozens of countries and has over 200,000 alumni.
This Cyber News was published on www.darkreading.com. Publication date: Wed, 20 Dec 2023 00:25:05 +0000