Woburn, MA – June 29, 2022 — According to a new ESG study, ‘SOC Modernization and the Role of XDR’ commissioned by Kaspersky, almost three-in-four (70%) respondent organizations struggle to keep up with the volume of alerts generated by security analytics tools. This results in a lack of resources for important strategic tasks and leads organizations towards process automation and outsourcing.
The problem with effectively managing emergency tasks through a security operations center (SOC) remains: according to the ‘2020 state of SecOps and automation’ survey by Dimensional Research, 83% of cybersecurity staff experience alert fatigue.
In addition to the volume of alerts, their wide variety is another problem for 67% of organizations, according to the study conducted by ESG. This makes it difficult for a SOC analyst to focus on the more complex and important tasks. In every third company (34%), cybersecurity teams overloaded with alerts and emergency security issues don’t have enough time to spend on strategy and process improvements.
The ESG study also found that organizations don’t attribute the problem to a lack of staff: 83% believe their SOC has enough people to effectively protect a company of their size. Instead, they think it is due to the need to automate processes and use external services. The primary reason for using managed services is to allow personnel more time to focus on more strategic initiatives, rather than spending time on security operations tasks (55%).
“SOC analysts put out fires rather than proactively looking for complex and evasive threats in infrastructure,” comments Yuliya Andreeva, senior product manager at Kaspersky. “Reducing the number of alerts, automating their consolidation and correlation into incident chains and cutting the overall response time should become the primary tasks for organizations to improve the effectiveness of their SOC. To achieve this, relevant automation solutions and external expert services can help.”
To streamline the work of a SOC and avoid alert fatigue, Kaspersky suggests enterprises check the following advice:
Kaspersky is a global cybersecurity company founded in 1997. Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky technologies and we help 240,000 corporate clients protect what matters most to them. Learn more at usa.kaspersky.com.
 Source: ESG Research Report “SOC Modernization and the Role of XDR”, June 2022