SANS Institute's insights on SOC maturity tools, benchmarks, and frameworks

Dig into what your peers are doing in the ever-changing cybersecurity environment

SANS Institute completed a survey of nearly 300 IT and cybersecurity professionals to explore:

  • What frameworks are used to define, measure, and assess SOC functions (hint, NIST CSF is preferred by 74% of respondents)
  • The KPIs orgs are using to measure SOC performance
  • If, when, and how training and compliance policies are used to maintain cybersecurity
  • Cybersecurity maturity level self-assessment, hows and whys

While the key findings are in line with recent industry trends, some show clear room for improvement: a whopping 43% of responders also have no formal IT or security training in place.

Download the report now to learn more from your peers on how they’re benchmarking and measuring cybersecurity operations.

Get the report

Key findings:

  • Over 48% of responding orgs have a hybrid SOC approach, and only 10% fully outsource their SOC
  • 69% of respondents use a cybersecurity framework to define, measure, and assess SOC performance
  • 74% of orgs rely on the NIST CSF as their framework of choice
  • Measuring security incidents, vulnerability assessments, and intrusion attempts were the most popular security performance metrics
  • 61% of respondents regularly conduct cyber-readiness exercises
  • 43% of orgs do not have a formal cybersecurity training program for IT and security professional

Read it now

For respondents who leverage managed cybersecurity services, quite a few (41%) did not increase or decrease use in the past twelve months, but almost half (47%) did increase their managed services usage—with 15.5% increasing use significantly. This trend is definitely one that we have watched for several years, and it’s no surprise that organizations are increasingly outsourcing and relying on third-party services to help fill the gaps in operational coverage.”

Overwhelmingly, the NIST Cybersecurity Framework (CSF) is noted by almost three-quarters (74%) of respondents employing a framework—almost twice as many as the next top contenders (ISO 27001, NIST 800-37, and MITRE).”

Want a sneak peek of what to expect in the report?

Check out this snippet from a conversation between Expel CISO Greg Notch and SANs Institute Analyst Dave Shackleford for a quick preview.