Why don't security teams and managers talk?Security intelligence and management firm Exabeam warns that the disconnect between CIOs/CISOs and their security operation centres (SOCs) is something companies urgently need to address.

Speaking after the findings of the company’s 2018 State of the SOC Report (registration required) were published, Exabeam’s VP & Chief Security Strategist, Stephen Moore, hammered home the point that just complaining there is not enough staff in a SOC team to deal with a cyber breach.

“The collective weight of the report represents a perfect storm benefitting only the adversary; too few defenders, inexperience, overwhelmed by alerts, and defending their network with out of date technology,” expounds Moore.

Steven Moore, VP and Chief Security Strategist, Exabeam
Steven Moore, VP and Chief Security Strategist, Exabeam

“It doesn’t make sense to have exhausted defenders before the fight even begins. In daily operation, especially in crisis, CIO’s and CISO’s base their personal brand on these defenders. Sadly, most executives don’t understand the needs, pain, and frustrations of their defenders. Have the conversation today and get comfortable with the investigative, analytic, and response processes that you ultimately represent.”

Moore acknowledges that staffing is an issue in the SOC, accepting that this is an issue in IT in general, but moves away from simply blaming staffing levels for a company’s problems during a data breach. “I’ve experienced not having enough staff during a breach, it isn’t easy. 45% of the respondents felt hey didn’t have enough staff, with 63% saying they could with 2-10 more staff.”

He then added that in addition to not having enough staff, 62% of respondents cited inexperienced staff as being a “major paint point.”

What the numbers mean

A worrying statistic is that only 51% of the companies who responded had cybersecurity insurance in place. “More UK companies have it in place than in the US,” added Moore. “It’s worrying they don’t have it, maybe CIOs look at the cost and think it is too expensive to add to their budgets?

As you trawl through the survey the worry cited by Exabeam about the disconnect between CIOs and SOC professionals becomes increasingly clear:

• 79% of managers and frontline employees are concerned with the use of out-dated equipment, compared with just 22% of CIO and CISOs.
• Over half of SOC professionals (54%) believe the technology deployed in a SOC is underfunded.
• Frontline workers see inexperienced workers as a greater problem than their managers.

When the survey compared the function of a SOC between the UK and US it found little or no noticeable difference, with the US edging slightly farther ahead in the area of identify and threat assessment, with the UK slightly ahead in data loss prevention and malware analysis.

What does this mean?

Citing a lack of communication between IT teams that do all the work and the management who that has to account for their actions is hardly a new thing. That said, you would hope that in an environment where companies are tracking non-stop cyber attacks CIOs and CISOs would have learnt to put more time to one side to improve dialogue with their staff. As Moore says, the SOC team jumps into action to fix a cyber breach, but it is the boss who has to explain it to the share holders, board of directors, customers and, if they have it, insurance company.


Previous articleUKFast launches ClearCloud
Next articleTeradata Corp files IP suit against SAP
Cut him in half and the word technologist runs through Neil Fawcett’s core. Starting life as an engineer, specialising in the world of home computing, Neil the move to writing in 1985 and as the expression goes… never looked back. He was key to moving Computer Weekly away from its bias as a mainframe/minicomputer news title and propelled it into the exciting world of personal computing, breaking many an exclusive story. Following his tenure at CW he went on to work for various other publications, including participating in the UK launch of Information Week. During this time, he played a pivotal role in establishing custom publishing units designed to work alongside vendors to help define end-user publications and campaigns. Neil’s ability to take complex technology subjects and deliver digestible content frequently saw him appear on the likes of the national newspapers, the BBC and Sky, and often found himself delivering speeches to audiences around the world. With numerous books under his belt, Neil took time out in the new millennium to pursue a passion for toys/gaming and military history as he set up a manufacturing company with a global reach. He is now thrilled to have come full-circle and be back writing about his core passion: technology!


Please enter your comment!
Please enter your name here