Security operations centers lack maturity and skilled professionals in 2016, Hewlett Packard Enterprise said, citing results of its latest survey.
Entitled as the State of Security Operations Report, the report examined 114 SOCs in more than 150 assessments around the globe and measures four areas of performance: people, processes, technology and business function.
This year’s report indicated that security operations maturity remains well below optimal levels. 85 percent of assessed organizations fell below recommended maturity levels.
Access to skilled security resources remains the top concern of organizations. To combat personnel shortages, enterprises are implementing hybrid staffing and hybrid security infrastructure models that require less in-house expertise, while still delivering on detection capabilities.
Conversely, the study found that Internet of Things (IoT) security monitoring is raising capabilities for businesses. Organizations in the energy and healthcare sectors that implemented smart meter monitoring and medical device monitoring, respectively, had higher maturity levels.
HPE said these findings also demonstrate the need for organizations to strike the right performance balance across all areas of the SOC, from the foundation up.
“Organizations are investing heavily in cyber security, but the lack of skilled resources and the deployment of advanced solutions without a solid SOC foundation in place remain top concerns,” said Chris Triolo, Vice President of Security Product Global Services at Hewlett Packard Enterprise.
To build a successful SOC, HPE recommend a holistic approach to security operations that includes mastering the basics of security monitoring, incident detection, breach escalation and response leveraging skilled resources from managed security services for complete or blended support.
It also recommended implementing advanced data science, analytics and shared intelligence to more effectively protect the digital enterprise.