https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-new-logo.png
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Technology Solutions Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
  • MSP 501
    • Back
    • 2022 MSP 501 Rankings
    • 2022 NextGen 101 Rankings
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2022 Editorial Calendar
  • Awards
    • Back
    • 2022 MSP 501
    • Channel Influencers
    • Circle of Excellence
    • DE&I 101
    • Channel Partners 101 (CP 101)
  • Events
    • Back
    • CP Conference & Expo
    • MSP Summit
    • Channel Partners Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
Channel Futures
  • NEWSLETTER
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Technology Solutions Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
  • MSP 501
    • Back
    • 2022 MSP 501 Rankings
    • 2022 NextGen 101 Rankings
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2022 Editorial Calendar
  • Awards
    • Back
    • 2022 MSP 501
    • Channel Influencers
    • Circle of Excellence
    • DE&I 101
    • Channel Partners 101 (CP 101)
  • Events
    • Back
    • CP Conference & Expo
    • MSP Summit
    • Channel Partners Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Agents
  • Cloud Service Providers
  • Channel Partners Events
 Channel Futures

MSSP Insider


Shutterstock

Report Card F

SOC Management Gets Poor Marks, with 42% of MSSPs ‘Completely Ineffective’

  • Written by Edward Gately
  • January 22, 2020
Just like in-house SOCs, MSSPs need to think differently about how they provide security.

A high number of organizations find their investment in security operations centers (SOCs), including those outsourced to MSSPs, to be expensive and yielding mediocre results, according to a new report from the Ponemon Institute and Respond Software.

The report is based on a new survey on the cost and effectiveness of today’s SOC. Ponemon surveyed 637 IT and IT security practitioners in organizations that have a SOC and are knowledgeable about cybersecurity practices in their organizations.

Among the report’s findings:

  • Forty-two percent find their MSSP to be completely ineffective.
  • Organizations spend nearly $2.9 million annually on their in-house SOC.
  • That cost significantly increases to more than $4.4 million annually if they outsource to an MSSP.
  • Sixty-five percent say the time spent hiring and training SOC analysts has a significant impact on the ability for those responsible to complete their other responsibilities.

Chris Triolo, Respond’s vice president of customer success, tells us a few findings “surprised our team.”

Respond Software's Chris Triolo

Respond Software’s Chris Triolo

“Almost half of IT security practitioners (49%) surveyed are dissatisfied with their SOC model (in-house or outsourced) and 44% report the ROI of their SOC is getting worse,” he said. “Part of this dissatisfaction stems from the high cost of MSSPs. Sixty-three percent of those who outsource to an MSSP plan to bring the SOC back in-house or move to another vendor.”

Similar to in-house SOCs, MSSPs still focus on a human-centric “brute force” approach, which is inefficient, Triolo said. There also is high attrition when it comes to SOC employees. It typically takes seven months to hire and train an analyst, but the average tenure afterward is two years, he said.

“MSSPs have limited access to internal IT environments, which prevents broad coverage, and they still deliver high false positive rates with minimal context and remediation capabilities to customers,” he said.

MSSPs can’t operate like they have been, Triolo said. Just like in-house SOCs, they have to think differently about how they provide security monitoring and incident response services, he said.

“While humans will always have an important role in cybersecurity strategy and response, security monitoring is better left to machines,” he said. “The organizations that come to this conclusion too slowly will be left behind, unable to scale their businesses or respond quickly to adversaries.”

There also is improved morale and less turnover associated with freeing up tier-1 security analysts to focus on threat hunting, incident response and other automation projects, Triolo said.

The report does include some encouraging signs, such as 73% of respondents reporting that their SOC is crucial to their security programs, and industries are starting to dedicate more budget toward their SOC.

“This study highlighted many of the challenges and perceptions regarding company SOCs, including the substantial impact and cost of personnel for in-house SOCs,” said Larry Ponemon, chairman and founder of the Ponemon Institute. “Many organizations thus turn to outsourcing, but 58% find their MSSPs to be either ineffective or only moderately effective. This creates a conundrum that suggests a third-way solution is necessary.”

Tags: MSPs Business of Security Endpoint MSSP Insider People and Careers Security

Most Recent


  • Kim Zetter at Black Hat
    Black Hat USA: No Excuses for Cyberattacks to Catch Critical Infrastructure Off Guard
    Critical infrastructure remains just as vulnerable as it was years ago.
  • Partner Program Changes
    Partner Program Updates: Microsoft, TD Synnex, AppSmart, Cisco, Verizon
    Verizon is pushing channel integration big-time, and Microsoft appointed a chief partner officer.
  • Chris Krebs
    Black Hat USA: Former CISA Director Says Cybercrime to Get a Lot Worse Before Better
    Black Hat attendance is back to pre-pandemic levels.
  • Black Hat logo
    Black Hat USA 2022: DNSFilter, NetWitness, BlackBerry, CrowdStrike, More
    The event marks the 25th Black Hat USA.

Leave a comment Cancel reply

-or-

Log in with your Channel Futures account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • DevSecOps
    ServiceNow, Microsoft Set to Deliver Broad SecOps Integration
  • Dunce Cap Businessman
    Tired of MSSPs ‘Failing,’ Nuspire Debuts Platform to Combat Cyberattacks
  • Malicious hacker at computer with code
    FragAttacks Wi-Fi Vulnerabilities Pose Widespread Threat to Individuals, Businesses
  • Colonial Pipeline Just the Latest Victim in Darkside Ransomware Crime Spree

Upcoming Events

View all

MSP Summit

September 13, 2022 - September 16, 2022

Channel Partners Conference & Expo

May 1, 2023 - May 4, 2023

Galleries

View all

Partner Program Updates: Microsoft, TD Synnex, AppSmart, Cisco, Verizon

August 11, 2022

Channel Futures and Channel Partners Ready Trio of Powerhouse Summits

August 11, 2022

Black Hat USA: Former CISA Director Says Cybercrime to Get a Lot Worse Before Better

August 11, 2022

Industry Perspectives

View all

How to Take Shared Responsibility for Securing Cloud

August 11, 2022

Seize the Application Modernization Opportunity

August 2, 2022

A Growth Mindset: Your Organization’s Strategic Differentiator

August 1, 2022

Webinars

View all

Outsmarting RaaS: Implementation Strategies To Help Your Clients Before, During, and After a Ransomware Attack

August 23, 2022

Why it is Important to Upgrade Aging Servers and How to use Live Optics to Upgrade Efficiently

August 25, 2022

Executives at Home are Not Alright: An Intro to Digital Executive Protection

September 8, 2022

White Papers

View all

Work Goes Remote – (and Other Top ITOps Trends)

May 25, 2022

The New Bottom Line: How MSPs Can Meet the Healthcare Crisis While Evolving Their Businesses

April 19, 2022

How to build a Security Operations Center (on a budget)

April 4, 2022

Channel Futures TV

View all

ThreatLocker Preaches Zero Trust, Addresses Industry Competition

ScienceLogic Debuts New Partner Portal

August 9, 2022

Vonage a ‘Single Communications Stack Provider’ for Partners, Customers

June 27, 2022

IBM, Partners and the $1 Trillion Hybrid Cloud Opportunity

June 26, 2022

Twitter

ChannelFutures

Say sayonara to contract renewals - @KaseyaCorp responds to mounting customer concerns with significant changes.… twitter.com/i/web/status/1…

August 11, 2022
ChannelFutures

.@Kyndryl, @Five9 partnership will focus on cloud-based #contactcenter solutions. dlvr.it/SWTFPx https://t.co/WGQedUjSB1

August 11, 2022
ChannelFutures

How cloud providers and customers can work together to safely share and secure responsibility in the cloud. @Cisco… twitter.com/i/web/status/1…

August 11, 2022
ChannelFutures

See the latest updates from @verizonbusiness, @GetNerdio, @AppSmartcom, @CiscoPartners and other companies.… twitter.com/i/web/status/1…

August 11, 2022
ChannelFutures

.@nutanix said to lay off 4% of workforce by October, as company cites macroeconomic issues. dlvr.it/SWSMDN https://t.co/w6JeqkI7r6

August 11, 2022
ChannelFutures

#BHUSA Day 1 with Chris Krebs, @cybereason, @keepersecurity, @BreachQuest, @awscloud and @splunk. #cybersecurity… twitter.com/i/web/status/1…

August 11, 2022
ChannelFutures

Have you registered for the @MSP_Summit yet? It’s just about a month away, so don’t wait. Here’s a sneak preview of… twitter.com/i/web/status/1…

August 11, 2022
ChannelFutures

Read about @adaptivnetworks's new distribution partner. dlvr.it/SWQFh3 https://t.co/az12SeMU7X

August 10, 2022

MSP 501

The industry's largest and most comprehensive partner awards program.

Newsletters and Updates

Sign up for The Channel Report, Channel Futures Update, MSP 501 Newsletter and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Galleries

Educational slide shows and images from live events.

Media Kit And Advertising

Want to reach our audience? Access our media kit.

DISCOVER MORE FROM INFORMA TECH

  • Channel Partners Events
  • Telecoms.com
  • MSP 501
  • Black Hat
  • IoT World Today
  • Omdia

WORKING WITH US

  • Contact
  • About Us
  • Advertise
  • Newsletter

FOLLOW Channel Futures ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2022 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X