Security analysts play a vital role ensuring that their organizations stay safe and secure. But barriers to their work, like a lack of staff, overwork, and tedious tasks are causing frustration and burnout, a Tines report reveals.
In order to better understand how security leaders can solve their team’s pain points, we first have to start with a baseline of how analysts are faring today.
The report surveyed 468 full-time security analysts who work at companies with 500 or more employees with the purpose of better understanding what it’s like to be an analyst today.
Tines COO, Thomas Kinsella, commented on the report: “While understaffing and low budgets do hold teams back, what’s dragging them under is repetitive, manual tasks, which in turn keep them from working on higher-impact projects that contribute to their organization’s overall security posture. Our goal with this research is to help security leaders recognize what they can do to streamline their processes, decrease burnout, increase retention, and create better work environments for their analysts overall.”
Security analysts’ pain points
- 71% of analysts experience some level of burnout. This could be due to the fact that 69% are understaffed, and 60% have seen increased workloads over the past year.
- Reporting, monitoring, and detection are top tasks consuming an analyst’s time. Additionally, reporting and monitoring are also two of the top tasks analysts enjoy the least.
- Spending time on manual work is an analyst’s top frustration. 64% are spending over half their time on tedious manual work.
- 66% believe that half of their tasks to all of their tasks could be automated today. If they could automate their tasks, analysts would use the time to update operational documentation, develop advanced detection rules, integrate more systems and logs, focus more on intelligence, and modify alert rules to reduce false positives.
- 64% say they’re likely to switch jobs in the next year. However, organizations could retain them by providing tools that automate tedious manual tasks, providing best-in-breed tools with advanced capabilities, and hiring more people to the team.
- Coding is the top skill needed to succeed as an analyst. This is likely due to the need to know code to automate processes. Other top skills our respondents say analysts need for the future are knowing computer forensics techniques and knowing how to operationalize MITRE ATT&CK.
from Help Net Security https://ift.tt/Jzh6D47
0 comments:
Post a Comment