Legacy tools are preventing security operations center (SOC) employees from reaching their full potential. According to a joint survey between Exabeam and the Ponemon Institute, SOCs waste 25 percent of their time on false positives because of incorrect security alerts.
The two companies polled 596 IT and IT security practitioners for the survey.
The report highlights the need for productivity improvements in SOCs. According to the report, SOC teams need to respond to approximately 4,000 security alerts every week.
In addition to chasing false positives, which is the biggest time-waster, SOC teams also spend about 15 percent of their time each on building incident timelines and on cleaning, fixing, or patching networks after an incident.
Put together, these inefficiencies can slow response times and leave organizations vulnerable to data and financial losses.
“SIEMs are central to SOC cybersecurity for collecting logs and data from multiple network sources for the evaluation, analysis and correlation of network events used for threat detection. However, modern SIEMs are most effective because they leverage machine learning and behavior analytics to identify increasingly sophisticated cyberattacks and highly targeted hack techniques. When used in conjunction with a full arsenal of tools like intelligent incident timeline construction and automated response, modern SIEMs provide significantly more context for how attackers think, work or what they are after,” Exabeam wrote in a post.