I am currently conducting research on emerging trends in Security Operations. Specifically, I am focusing on how organizations are approaching Tier 1 (alert triage) and Tier 2 (root cause analysis) SOC functions. I would greatly appreciate your input on the following: Are you seeing these functions being outsourced in your organization or others you are familiar with? If so, at what company size or operational scale does outsourcing typically begin? Are there any approximate annual cost ranges you have seen for outsourced Tier 1 and/or Tier 2 activities (including tools and personnel)?
CIO in Government, 3 months ago
We are a mid-size government agency employing MDR. We rely heavily on business familiarity, visibility and managerial control for incident management, RCA & Defect Elimination that balances security and value. This prevents us from effectively outsourcing the function.
The SOC function is mostly outsourced in the Middle East region. Most organizations prefer to outsource it considering the capabilities it provides, the dynamic of response, the high level of attrition in L1 and L2 analysts, and the cost of running it in-house. The cost of outsourcing depends on a multitude of factors, depending upon the partner you choose, the services, the scope, etc.