SOC burnout

[harlan4096]

Professional burnout syndrome is hardly a new problem. When people get tired of monotonous tasks, the mind starts to wander. As a result, they become less attentive, less focused. In any field of activity, this is undesirable and leads to a drop in productivity. But in cybersecurity, the consequences can be catastrophic — especially if the person in question is a security operations center (SOC) worker.

Companies have two options when it comes to setting up an SOC: create one in-house or bring in outside professionals. We have extensive experience in this area, having both our own SOC and a client service center. Moreover, our experts provide services to third-party SOCs and get to see how things go in other organizations. Armed with our own formulas for maintaining staff professionalism, we decided to share our thoughts and experience on the topic of burnout.

Let’s start with the unpleasant part: The very nature of the work of an SOC threat analyst is a direct route to professional burnout. What’s more, the better the security situation at the company, the shorter the road. The job basically entails looking for anomalies in incoming data, day after day. If an anomaly is detected, things get a bit more interesting — there’s an incident to investigate, data to collect, risk and damage assessments to be made. But at companies with state-of-the-art solutions guarding servers, workstations, and the entire information infrastructure, juicy cyberincidents are not all that common.

Full reading: https://www.kaspersky.com/blog/soc-burnout/25463/