7 Reasons The SOC Is In Crisis - And 5 Steps To Fix It
CSO, Thursday, August 14th, 2025
Breaches continue to happen as SOC analysts deal with too many alerts or rules of engagement that stops them from acting. Here are some of the common problems and how to fix them.
I've been thinking a lot about SOC efficacy lately, and I'm going to take a position that might make some people uncomfortable. Despite organizations investing millions in security operations centres (SOC) and state-of-the-art detection technologies, we're seeing breaches at unprecedented levels.
Based on my observations across large enterprises in Australia, the United States, and the UK, only about one in twenty SOCs detects and responds effectively to the sophisticated identity-based attacks that we're seeing today.