London, UK, August 4 2020 – Half of first-time security analysts working in Security Operations Centres (SOCs) plan to leave after just three months in the job, according to a study* from SIRP Labs out today. Not one of them plans to stay in their current role for no longer than 18 months. Of all the security analysts interviewed nearly half (48%) of security analysts are considering leaving their role, within 11 months on average.
Across all pay grades the average amount of time spent in the same post is just 30 months. Top areas of dissatisfaction with the job that contribute to this high rate of churn are mundane tasks (51%); frustration at events outside control (45%); the inability to allocate time effectively (30%) and a pressure cooker environment (29%).
The research also highlights the impact the pandemic has made on analyst workloads. Almost half of respondents (46%) have experienced a reduced workforce as a result of the pandemic, while just over 2 in 5 have had to spend more time on non-productive tasks and a similar number, 42%, are feeling pressure on the job. An increased amount of time spent on non-productive tasks came top of the list, especially for organisations with several thousand employees. Since the pandemic started, 42% feel the pressure has intensified while work life balance has been disrupted for a third of analysts (34%).
On the plus side most security analysts (66%) enjoy a sense of team spirit, especially those over 35 where team spirit is highest (72%). Among the respondents 96% say they are able to prioritise alerts based on the risks to the organisation while a similarly high proportion (89%) say they enjoy a close working relationship with colleagues in other departments like GRC or vulnerability management.
“High rates of staff churn continue to plague under-pressure SOCs,” said Faiz Shuja, Co-Founder & CEO of SIRP. “This research clearly shows organisations neglect conditions in their SOCs at their peril.
“The double-whammy of a global cybersecurity skills shortage coupled with the pandemic have created melting-pot conditions where good staff are hard to keep and even harder to come by,” he continued. “Morale could easily be improved with more automation along with fast access to the right information, helping to improve productivity and reduce the amount of missed or false-positive alerts.”
*The independent study by Sapio Research was commissioned by SIRP Labs, a leading Risk-based Security Orchestration, Automation and Response (SOAR) platform provider, following interviews with 250 security analysts in July 2020.
SIRP is a Risk-based Security Orchestration, Automation and Response (SOAR) platform that fuses essential cybersecurity information to enable a unified cyber response. Through a single integrated platform, it drives security visibility, so decisions can be better prioritised and response time is dramatically reduced. With SIRP, the entire cybersecurity function works as a single, cohesive unit.
SIRP provides a more dynamic, complete view of incidents, threat intelligence, vulnerabilities, and risks in one place, so you can prioritise and make better decisions faster and respond more effectively. It combines security orchestration, playbook automation and case management capabilities to integrate your team, processes and tools together. SIRP makes security data instantly actionable, provides valuable intelligence and context, and enables adaptive response to complex cyber threats and vulnerabilities. For more information visit the SIRP Labs website at www.sirp.io.
# # #
Paul Shlackman, Gabby Dunne
+44 (0) 1276 486000