Staffing a SOC, How Much?
Staffing a SOC – $644,000 is a simple estimate for 24x7x365 coverage assuming seven FTEs (Full Time Employees) with one being a database administrator and the rest security analysts. The annual salary per FTE from glassdoor.com <http://glassdoor.com> <http://glassdoor.com <http://glassdoor.com/> > for these job titles with benefits is $92,000 as a U.S. national average.
Adding in security training classes from organizations like SANS.org can add another $15-20,000 per FTE, plus exam fees around $1,000 from GIAC.org for each certification. Security analysts are different from system and network administrators in skills, perceptions and the results they produce.
Converting these expenses into the number of stolen records using the U.S. cost per record of $188 from the 2013 Cost of Data Breach: Global Study (Ponemon) you get just under 3,500 records. If you had an incident response plan in place, security services ready for remediation, plus a strong security posture, the cost almost halves and you get 7,000 records. You do not have to lose much data to see the cost of a data breach soar past the staffing cost of a SOC.
Staffing a SOC is only one part of the solution, adding in the cost of a SIEM solution with deployment, configuration and administration fees may cost just as much as the FTEs. For large companies these costs are likely manageable, however for mid-sized and smaller companies they are out of reach given their IT security budgets. This is where a managed SIEM service makes the most sense, and you get the benefit of third party security expertise as an extension of your team.
Tom Clare, Head of Corporate & Product Marketing