Home / Blog / Cybersecurity Skills Gap / What Does the Cyber Security Skills Gap Mean for your SOC?

October 14, 2022

A fully-staffed and well-tooled SOC is essential to protect against today’s advanced cyber threats.

However, for many UK businesses, several things stand in the way—notably, the challenge of attracting and retaining skilled, experienced cyber security professionals without overspending.

Which begs the question…

Are We Really Still Talking About the Cyber Security Skills Gap?

In a word, yes. As frustrating as it may be, the skills gap hasn’t yet been filled—and it doesn’t look like it will go away any time soon.

According to a recent study by ISSA, the cyber security skills gap affects more than half (57%) of organisations worldwide. 95% of study respondents said the skills gap hasn’t improved in recent years, while almost half (44%) said it has grown worse.

Naturally, the UK isn’t unaffected. According to official government figures, 48% of UK businesses suffer from a basic skills gap that prevents them from carrying out fundamental activities laid out in the government-endorsed Cyber Essentials scheme. Common missing skills include configuring security products and detecting and removing malware. Meanwhile, almost a third (30%) of UK businesses have more advanced skills gaps like penetration testing and forensic analysis.

What about security operations?

A terrifying 27% of UK businesses lack the in-house skills they need for effective incident response and don’t currently outsource the function to a managed SOC provider. This leaves these businesses wide open to cyber attacks, and their data and assets vulnerable.

What Does the Cyber security Skills Gap Mean for UK Businesses?

The cyber security skills gap makes it hard for UK businesses to attract and retain the skilled security professionals they need to protect their data and infrastructure.

Cyber security practitioners have a lot of options. In an industry where demand for skills is far higher than the supply, practitioners are free to shop around for the best roles they can find. That means businesses can expect to pay a premium—and even then, individuals may leave to further their careers with a more attractive employer.

So, what makes a business attractive to cyber security practitioners?

It’s not just about money. Like any professional, most cyber security practitioners want a fulfilling role that is exciting and enjoyable. That often means choosing to work for organisations that have significant security budgets and are able to purchase the latest tools and services. This makes it tough for SMEs in particular to attract and retain personnel with the skills and experience they need to keep their business safe.

Is an In-House SOC Really Best?

There are several reasons why businesses like to retain security operations as an in-house function:

  1. In-house SOC teams focus exclusively on one network environment and become intimately acquainted with it. This can have benefits when investigating and resolving security incidents.
  2. Businesses have total control over the priorities and activities of in-house SOC teams and can decide exactly how they are structured, which tools they use, the hours they operate, etc.
  3. In some cases, in-house SOC teams can be physically located on one site, allowing for easy communication and collaboration within the team and with other departments.

However, having an in-house SOC isn’t without its hurdles. Some of the most common challenges businesses face include:

  • Today’s distributed business operations mean that SOC teams are rarely ‘under one roof,’ which can create logistical and communication challenges.
  • The cyber security skills shortage makes finding and hiring the right people a constant challenge. Even once a full team is in place, retaining personnel and skills can require constant investment in training and salary matching.
  • Having a complete SOC team that includes all the skills and expertise a business needs is often impossible, as the discipline is too broad and budgets too low.
  • The security ‘stack’ is increasingly complex to understand, operate, and maintain, requiring the presence of specialists who aren’t available—so often tool functionality goes underused.
  • A high proportion of SOC teams are missing critical skills due to budget and personnel constraints. This challenge is not limited to SMEs—even large organisations are often forced to go without critical skills for extended periods of time.
  • The cost of building and maintaining an effective SOC can be extremely high, leaving many businesses with insufficient SOC resources to protect against cyber attacks.

Faced with these challenges, many businesses prefer to eschew the struggle of building and maintaining an in-house SOC in favour of an alternative: outsourcing to a managed SOC provider.

Why Choose a Managed SOC?

By outsourcing to a managed SOC provider, businesses get the cyber security coverage they need without worrying about training and retaining in-demand cyber security personnel.

Some of the top benefits of working with a managed SOC provider include:

  • Cost savings. For most businesses, the cost of outsourcing security operations to a SOC provider is significantly lower than achieving the same level of coverage in-house.
  • Access to a broad range of expertise. Good SOC providers employ experienced personnel with a wide range of skills and expertise that far outweighs what most businesses can retain in-house. This enables the SOC provider to handle complex or unusual security incidents that would pose a significant challenge for most in-house SOC teams.
  • No staffing headaches. By outsourcing, businesses wash their hands of the need to attract and retain skilled cyber security practitioners. That means no costs or administration associated with hiring, training, or employment.
  • 24/7/365 coverage (without the price tag). It’s common for security incidents to occur out-of-hours, which is why a SOC should ideally be staffed 24/7/365. However, ‘always on’ operations are too costly for most businesses to manage in-house. By outsourcing to a SOC provider, businesses can ensure continuous SOC coverage at an affordable cost.
  • Coverage from the latest cyber security tools. An effective SOC combines skilled personnel with the latest tools and technologies—but again, these don’t come without a cost. Many in-house SOC teams are forced to make do with outdated tools, limiting their effectiveness. A good SOC provider will always arm its team with best-in-class tools, ensuring customers are protected against the latest threats.
  • Benefit from hard-earned lessons and experience. SOC providers work with multiple customers and get the benefit of observing threat activity across a range of industries and locations. While in-house SOC teams may only see a threat once, SOC providers bring the benefit of broader experience gained while protecting other business environments.
  • Scalability and flexibility. Unlike in-house teams, an outsourced SOC can scale up or down instantly to cope with changes to business scope, network environments, processes, etc.

Beyond these, outsourcing security operations to a managed SOC provider allows businesses to focus on their core operations without the distraction of maintaining an in-house capability.

Level Up Your SOC with CyberOne

CyberOne provides the UK’s most advanced managed SOC, delivering 24/7/365 protection against cyber attacks from our award-winning Cyber Defence Centre in Milton Keynes. Benefits include:

  • Cutting-edge cyber threat detection and response tailored to your business needs.
  • Real-time monitoring of all your users, devices, and applications, no matter where they are.
  • ‘Always on’ 24/7/365 SOC coverage with a comprehensive, easy-to-understand SLA.
  • Protect your business with best-in-class cyber security tools and real-time threat intelligence.
  • Get total oversight of threats against your business through our fully managed platform.

To find out how our Cyber Defence Centre could help protect your business, visit our website.