Ask a group of security analysts about the challenges of working in cybersecurity, and you’ll likely hear some common themes:
- A shortage of skilled cybersecurity talent
- Too many security alerts each day
- Too many security point-products to manage
- Lack of interoperability between those products
- Inability to scale security operations over time
- Increasing costs, shrinking budgets
- Increasing sophistication of malware
- Slow speed of threat detection and response
In light of these challenges, it’s no wonder that security teams feel perpetually overwhelmed. They’re clamoring for new ways to streamline their security operations in order to stay on top of security alerts, increase the speed of detection and response, and do more with less.
Many teams have turned to Security Orchestration, Automation, and Response (SOAR) tools as a remedy. A SOAR tool can orchestrate security actions (like investigations, triage, response) across various security products in a team’s arsenal, and automate otherwise manual repetitive security tasks.
In a recent study, analyst firm Enterprise Management Associates (EMA) spoke with over 250 IT and Security professionals across North America about their use of SOAR tools. The findings confirmed that SOAR tools truly make a difference.
Efficiency and Productivity Improvements with SOAR
Teams that used a SOAR tool identified an average efficiency (amount of input vs output) improvement of 48%. In productivity (output over time), gains were similar at about 53%. Given that 64% of security tickets generated per day are not being worked due to lack of manpower and automation, this level of efficiency and productivity gain could make a huge impact and drastically reduce security risks.
SOAR and Staffing
An overwhelming 97% of respondents in the study said that a SOAR tool allowed increased workload while maintaining the same number of staff members. In fact, just over 65% of respondents said their perception of personnel performance increased by at least one level. On average, 15% of participants said they felt personnel performed at two levels higher. Most importantly, 23% of senior management felt their personnel were performing at least two levels higher.
Return on Investment (ROI) with SOAR
How fast can a SOAR tool start paying dividends? Really fast. Sixty-four percent of study respondents indicated ROI was achieved for them in 12 months or less. Seventeen percent said they achieved return on investment with SOAR in 6 months or less.
View the Summary Report of EMA’s research in our "Confessions of Security Professionals on Security Orchestration, Automation, and Response (SOAR) Tools" report.
SOAR tools allow security analysts to work smarter and respond faster. Can a SOAR tool make a difference for your security team?