SOC challenges within the current cyber skilling climate
A Cyberbit report reveals how organizations are currently building the human element of their InfoSec organization—shedding light on current practices including job requirements, the recruiting process, current skills levels, training impacts, and integration of industry best practices.
“This first annual SOC Skills Survey sheds a critical light on how companies are fulfilling—and falling short—on cyber team requirements to maintain a strong cyber defense posture,” said Steve Burg, Director of Product Marketing at Cyberbit.
“We’ve explored everything from enterprise team preparations for real world security incidents, to how they deploy security program integrations within their organizations—all to discover the breakdowns and best practices to bridge skills gaps.”
InfoSec leadership needs to educate HR departments at the hiring stage
Among key revelations relating to the full lifecycle of security operations and incident response staff, the survey suggests information security leadership needs to educate human resources departments at the hiring stage, because HR departments are currently unprepared and lack critical knowledge for defining security roles. Just 39% of respondents felt that HR understood the requirements to work in a cybersecurity team.
On average, respondents believed that SOC teams were about 50% prepared across the entire range of skills provided. Least prepared were Intrusion Detection (55% unprepared) and Network Monitoring (58% unprepared). The majority of these teams rely on on-the-job training (41%) or offsite courses (26%) to advance their skillset, with the rest turning to a variety of simulation exercises.
“The insights revealed in the Cyberbit 2020 SOC Skills Survey point to tactical improvements across the recruitment cycle, as well as the need for better training for cyber employees,” said Adi Dar, CEO of Cyberbit.
“Bringing together key organizational players, such as HR and cyber leadership, and shifting to more effective training practices will dramatically improve the risk posture of every enterprise. Such collaboration ensures their digital assets are protected using the best tools, manned by top-tier cyber professionals.”
How to combat SOC team building and skilling process problems
The survey’s key findings suggest several solutions to the problems respondents raised about the SOC team building and skilling process. Organizations should focus specifically on improving recruiting processes, upskilling the existing workforce, and upgrading current training and assessment practices.
With recruiting, the survey suggests closer collaboration between cyber leadership and HR across the recruitment lifecycle. Investing in training to improve overall levels of preparedness, with a focus on attack detection, is also critical.
Lastly, organizations should deploy effective training practices that move away from on-the-job training and toward simulation-based practices, to fully develop cyber professionals’ skill sets before they experience an attack in the real world.