Laura

04/04/2024

Cyber Security Stats 2024: A Look Inside a Typical SOC

What tools does the average security operations centre (SOC) use in 2024? What gets in the way when they deploy a new tool? And how stressed are security pros really?

These were just some of the questions we wanted to find out the answer to when we partnered with OnePoll at the end of 2023/the start of 2024. Together, we surveyed 250 British and Irish Heads of IT at companies with 500+ employees. 

Here’s what they said. 

Tools in a SOC

When we asked our respondents what type of cybersecurity solutions they currently used in their SOCs, they said: 

Company size matters. The larger the organisation, the more likely it is to deploy the latest generation of security tools, such as extended detection and response. 

72% of organisations with 5000 – 10000 employees use XDR in their SOC. This is in contrast to 49% of organisations with 500-999 employees and 54% of organisations with 1000-4999 employees. 

Use of XDR in the SOC based on company size - SenseOn and OnePoll survey data

More is more? 

Even though it’s been proven time and time again that having more security tools does not necessarily improve security, this myth persists.

78% of our respondents think that more cybersecurity tools equals better protection. Of these, 40% think so strongly. 

A far smaller percentage know that more is not always more. 

Only 8% don’t think the more tools you purchase, the more protected you are. Of these, only 2% strongly disagreed that having more tools increases security. 

% of heads of IT that say their organisation believes the more cybersecurity tools you purchase, the more protected you are - SenseOn and OnePoll survey data

Cyber purchasing decisions 

When security leaders think about buying cyber tools:

Headline cyber attacks drive adoption. Many organisations buy new tools because of/as a result of global security incidents: 

Only 1 in 5 organisations surveyed said global security incidents did not impact their tool purchasing decisions. 

New tool adoption challenges 

Integrating new cybersecurity tools into their existing security stacks is a challenge for most organisations. 

On average, integration takes anywhere between 1 and 5 months. 

Diving into adoption times, we learned:

Answer to "how long does it take to integrate a new cybersecurity tool into your security stack?" - SenseOn and OnePoll survey data

Training teams on new tools is also a time-intensive process. 

On average, it takes teams between 1 – 5 months to train employees on how to use new cybersecurity tools. 

Asked roughly how long it takes to get their teams up to speed with new tech:

Answer to "how long does it take to train teams on a new cybersecurity tool?" - SenseOn and OnePoll survey data

Organisation size has an impact here, too. The bigger the company, the longer adoption takes.

42% of organisations with 5000-10000 employees said it takes them 3-5 months to train teams on new cyber tools. Only 14% of organisations with 500-999 employees said the same. 

There seems to be a consensus among IT and cyber pros that the time they spend integrating new tools and training employees could be better spent elsewhere. 

Asked which activities would be more productive than having to adopt new tools: 

Only 2% of cyber and IT pros think that time spent adopting new tools would not have been better spent elsewhere. 

Security budgets

2023 was a good year for security budgets. Most of the organisations we surveyed did not experience budget cuts, and the vast majority saw their cybersecurity budgets go up.

67% said their cybersecurity budgets increased. 

For some organisations, cyber budgets stayed the same. 1 in 4 respondents said security budgets within their organisations remained unchanged. 

Only 7% of organisations decreased their security budgets. 

However, security spending increases are still not meeting the challenge of security IT environments. For larger organisations specifically, security budgets are falling short of the level IT leaders feel they need. 

60% of organisations with 5000 to 10000 employees said budget constraints were a challenge in managing and responding to threats. Only 28% of organisations with 500-999 employees said the same. 

Challenges in managing and responding to threats 

From ransomware to human error, there’s a lot to contend with when it comes to monitoring for and responding to threats. 

According to our respondents, these are the top challenges: 

While lack of employee awareness about cyber threats was a top three challenge overall, awareness was actually the main challenge for organisations with 5000-10000 employees. This was followed by integrating security measures into existing IT infrastructure and business practices (71%) and rapid tech changes (69%). 

For organisations with 500-999 employees, the three main challenges were external threats (55%), integrating security measures into existing IT infrastructure and business processes (50%), and lack of awareness about cyber threats among employees (42%). 

Organisations with 1000-4999 employees said the biggest challenges were external threats (44%), integrating security measures (44%), and securing remote work environments (43%). 

Primary security challenges based on organisation size - SenseOn and OnePoll survey data

The takeaway? 

Integrating security measures into existing infrastructure and processes is a core challenge, regardless of an organisation’s size. 

In general, organisations with 5000-10000 employees seem to suffer from, or at least be more aware of, more threats than their smaller peers. For example:

Stress

Burnout is rife among security professionals. 

Among the organisations we surveyed, 95% said stress experienced by cybersecurity professionals impacts staff retention. 

Of these, 34% said stress has a significant impact on retention. 

Just 1% said they don’t feel that cybersecurity professionals in their organisation experience stress. 

Cyber stress impacts organisations of all sizes but seems to get worse the bigger an organisation is—56% of organisations with 5000-10000 employees said stress “significantly” impacts staff retention, compared to 27% of organisations with 500-999 employees and 26% of organisations with 1000-4999 employees. 

The good news is that there are steps organisations can take to reduce stress, including more strategic tool investment. 

When we asked our respondents what kind of tools would have the most impact on reducing their security team’s levels of stress: 

Tools that would have the most impact on reducing security team's stress - SenseOn and OnePoll survey data

The bigger the organisation, the more desire there is to reduce alerts. 70% of organisations with 5000-10000 employees said tools which reduce alerts would be helpful compared to 40% of organisations with 500-999 employees. 

For organisations with 5000-10000 employees, the tool that would make the most difference in reducing stress is one that would help provide security awareness training to employees.