How SOC-as-a-Service Solves the SME InfoSec Talent Gap

February 28, 2018 Arctic Wolf Networks

For years, tech pundits and industry thought leaders have sounded the alarm: Solve the information security talent shortage or risk a far more treacherous cybersecurity landscape than even today’s.

And yet, here we are in 2018, with an ever-increasing cybersecurity expertise deficit and ever-greater losses from cybercrime. Why?

Because so many businesses have failed to evolve their use of and approach to cybersecurity products, especially in small to midsize enterprises (SMEs). On one hand, organizations simply pay for “cutting-edge” point solutions that can’t keep up with new and advanced threats. On the other, businesses try and fail to put together something that resembles a security operations center (SOC). Both avenues are short-sighted attempts at making do. And neither comes close to addressing the real problem, which is the lack of sufficient expertise to support security operations.

Legacy security methods are sinking ships, and they risk dragging your investments down with them. It will take an entirely new type of security model for the SME market to get its head above water, and we believe SOC-as-a-service is that model.

Out-of-the-Box Solutions: More ‘Box’ than ‘Solution’

The problem with investing in the latest-and-greatest firewalls and intrusion detection systems is that they seek to build bigger walls around endpoints and network perimeters, and that just doesn’t work. John Parkinson, affiliate partner at Waterstone Management Group, put it best: “We’re still trying to build better castle walls, despite the fact that the attackers will always have better weapons than the walls can resist.”

In fact, somewhere between 600,000 and 700,000 cyberattacks happen every week, on average. Many of those begin as phishing scams that manipulate end users into handing over the keys to the castle, or well-disguised zero-day exploits that sneak in among business applications’ thousands of lines of code.

Not to mention, every new cybersecurity product is one more resource that someone on your IT staff has to manage. That brings us to the reason why in-house SOCs so frequently fail.

No Security Expertise, No SOC

By definition, a SOC provides continuous threat detection and response. This requires 24/7/365 support from security analysts who are qualified to respond to alerts in real time. If you’re a mid-market organization, you already face headwinds because of the cybersecurity talent gap. US News & World Report estimates approximately 28,400 security vacancies exist, and that number is spiking. Cybersecurity Ventures projects 3.5 million unfilled security jobs by 2021. And now you’re supposed to hire a team of security analysts?

Putting that aside, you’re still facing a median annual income of more than $90,000 per analyst. That’s not all. Business networks may experience between 10,000 and 150,000 daily alerts. Consequently, many security analysts can’t give each indicator of compromise the attention it deserves, increasing the chances of a missed attack. The resulting alert fatigue negatively impacts 68 percent of cybersecurity workers, according to ESG/ISSA research.

After all this, we haven’t even touched on the exorbitant costs of deploying, configuring and managing a security information and event management (SIEM) system. It’s no wonder so many SMEs feel corralled into point solutions.

Why SOC-as-a-Service Is Different

SOC-as-a-service takes existing SME security practices to a higher level. It completely redefines how security is delivered, both in terms of its capabilities and the pricing model.

First, it brings on-demand security talent to the SME market. The managed SOC provider supplies a team of security experts as part of the service. They’re available around the clock and able to respond to IOCs the moment they crop up.

Second, SOC-as-a-service provides the SIEM and completes all log flow integrations for the client, meaning it’s quick and inexpensive to deploy. Dedicated security engineers also manage the SIEM and perform continuous threat monitoring, leveraging machine learning-powered analytics resources along with their vast real-world experience and expertise.

Finally, SOC-as-a-service uses a predictable, subscription-based pricing model. SMEs receive all the benefits of an in-house SOC at a fraction of the cost.

For these reasons and others, SOC-as-a-service represents an entirely new approach to the delivery of security services. It has already shown a huge potential to fill in the gaps left behind by the security talent shortage. Rather than having to choose between the lesser of two evils (point solutions or an under-staffed “franken-SOC”), SMEs can now gain access to a high-performance SOC managed by security experts who have the knowledge and expertise needed to enhance overall security posture.

Download our white paper for more information on whether to build or buy.

 
