SOC burnout is real: 3 preventative steps every CISO must take
Help Net Security
George Sandford, Director of Technical Success Management, Gigamon ThreatINSIGHT NDR
Consider this scenario: Morgan, a Level 3 security analyst, arrives for a twelve-hour security operations center (SOC) shift and finds a message that a network sensor is offline. Morgan’s first hour is spent troubleshooting the sensor and bringing it back online before even beginning the workday. The next four hours of the shift are spent repeating a task Morgan has done each day for the last three weeks: tuning their new behavior-based security solution so that it doesn’t generate countless inaccurate alerts.
For the next five hours, Morgan triages complex security events escalated from Level 1 and 2 security analysts, all of which require the team to perform the difficult collection of data just to...