If you read the news, at any time, you would learn that cybersecurity threats are increasing.  We don’t give it a second thought when a well-funded, sophisticated nation state is the source of a breach.  But do you know what’s straining enterprise and agency SOC (security operations center) teams to deal with these threats?

  1. A severe shortage in skilled security personnel
  2. Exponential growth in data from technologies meant to help

That’s right, every SOC relies on people to “connect the dots” between security alerts, contextual sources and impact to organizations. But what most don’t know is they’re falling behind.  And an inability to catch up creates a gap that demands more than what’s being offered today.

We know SOCs are trying and are plenty busy with all sorts of things.  In fact, level-1 analysts, either in the enterprise or at the MSSP, are staring at SIEM consoles trying to decipher signals from noise.  Senior analysts are querying and mining specialized databases.  And, red alerts from the millions of dollars sunk into detection technologies sound incessantly.

Overcoming the gap mentioned above is of critical importance for the success of our security operations centers. Newer technology holds promise to help the SOC meet its objectives. However, it’s important to name the challenges and shortcomings of today’s SOC so we can effectively address the situation. You have to ask yourself not only, “Did your SOC catch a bad guy today?” but also, “Is it ready to catch any bad guy any day?”

Mike Armistead

Mike has led several software companies from inception through high growth and to successful IPOs or acquisitions. Mike’s passion for technologies that change how people work is as intense today as it was earlier in his career when he was the first product manager for Pure Software, where he helped lead the company from an early-stage start-up to become a top 10 public software company. A keen interest in IT Security in the early 2000s led Mike to co-found Fortify Software. Fortify defined application security and continues to be the market leader after its acquisition by HPE Security and now Micro Focus. At HPE Security, Mike was the VP and General Manager of the Fortify and ArcSight businesses until he left in 2016 to start Respond Software.
