Intel Security's McAfee Labs: Inefficient SOCs a 'Ripe Market' for Channel

A survey by Intel Security’s McAfee Labs concluded that while approximately 90 percent of organizations have some type of security operations center (SOC), 93 percent of the SOCs have failed to address an incoming alert.

James Anderson, Senior News Editor

December 13, 2016

2 Min Read

More and more businesses are implementing security operations centers, but the majority of those centers are struggling to address threats.

A survey by Intel Security’s McAfee Labs concluded that while approximately 90 percent of organizations have some type of security operations center (SOC), 93 percent of the SOCs have failed to address an incoming alert. In another statistic, one-quarter (25 percent) of the SOCs suffered business impact from uninvestigated reports.

bc8443ab3d62435daa5a8bce2522ecea.jpg“Most organizations are still feeling – regardless of having a security operations center – extremely overwhelmed by just the sheer quantity of data and alerts that they’re getting,” said Brett Kelsey, vice president and chief technology officer of the Americas at Intel Security.

Kelsey noted that even the businesses that don’t yet operate an SOC generally plan to start one, even SMBs. But they come with a litany of problems and inefficiencies. For one, they tend to address cybersecurity in a very reactive way.

“Something happens, then they see that it happens, then they have to go take action after the fact, because they don’t have time to do any form of real proactive hunting component,” Kelsey said.

He said the report echoes the major theme of the cybersecurity landscape: that companies still lack the human personnel and capabilities to keep up.{ad}

Enter the partners. The study found that nearly two-thirds (64 percent) of the businesses implementing an SOC used a managed security services provider (MSSP) to do so. Kelsey said the lack of efficiency in current SOCs presents a “ripe market” for the channel. He  added that channel partners will continue to gain strength around endpoint, cloud and monitoring technology as they help end users with these issues.

“If they’re in the service business – the managed service business or the channel partner component – they’re going to end up bolstering and becoming that preferred provider to all of these other companies that they actually service. In fact, they’re going to become even more relevant today than they ever have been before,” he said.

The survey included the responses of 390 global IT decision makers from a variety of industries and positions. Read the full report, which Kelsey said made him “somewhat optimistic.”

“We are now finally starting to see some of the various technology components start to catch up and get ahead of where we were before. We sat in this state for quite some time where the bad guys have been pretty darn good at being innovative and ultimately putting things out there,” he said. “And I will tell you technologically, we’ve now finally started to hit a stride where it’s not just a matter of playing catchup to them anymore. We’re starting to look, think and feel like them, where we can then jump ahead.”

Read more about:


About the Author(s)

James Anderson

Senior News Editor, Channel Futures

James Anderson is a news editor for Channel Futures. He interned with Informa while working toward his degree in journalism from Arizona State University, then joined the company after graduating. He writes about SD-WAN, telecom and cablecos, technology services distributors and carriers. He has served as a moderator for multiple panels at Channel Partners events.

Free Newsletters for the Channel
Register for Your Free Newsletter Now

You May Also Like