This year’s RSA Conference is expected to draw close to 50,000 security professionals to the Moscone Center in San Francisco. So we’re wondering, what issues are keeping them up at night?

On the eve of RSA, we wanted to address some of the biggest challenges we see IT security teams are facing. The sessions at this years’ conference cover everything from analytics, intelligence and response, to hackers, threats and security strategy. We’ve broken down four hot topics that IT security teams are focusing on this year:

  1. Hiring and retaining qualified security staff
  2. Having enough staff to protect the company 24×7
  3. The high cost of setting up a security operations center (SOC)
  4. Managing security information and event management (SIEM) tools that are not optimized for their company

Short-Staffed and Short-Spanned

According to the Bureau of Labor Statistics, more than 200,000 cybersecurity jobs go unfilled in the United States every year; some companies struggle for more than a year trying to fill vacant cybersecurity positions.

A recent study highlighted the challenge that existing staff is having trouble providing 24/7 security. The survey of 437 cybersecurity pros found that close to half have a major shortage of cybersecurity staff, and their current staff is overwhelmed by protecting their firm with limited resources.

To help businesses cope with this ongoing skills gap, Proficio acts as an extension of your IT team, providing advanced threat detection, actionable alerts, customizable dashboards and reports, and much more, so your team has more time to focus on their daily responsibilities.

SIEM & SOC: The Crime-Fighting Duo

In an era of limited resources, building an SOC can be an expensive solution to your firm’s cybersecurity problem. The SANS Institute’s white paper also details the grueling process of setting up a SOC, including the amount of collaboration between people, technology, and processes. What’s the bottom line? According to some estimates, the initial set up of a SOC can cost a company more than half a million dollars and recurring operational costs could top $700,000.

A key component of a SOC is a SIEM system, which is complex to administer and when done right, requires teams of people for constant monitoring, tuning, and responding to security incidents. The latest and greatest SIEM systems use advanced correlation techniques, statistical and moving average anomalies, business process management, risk management, and global threat intelligence feeds.

Many companies, even larger enterprises, find that they just can’t afford the latest SIEM, or if they make the investment, they are lacking staff with expertise on the matter and never fully maximize their SIEM. This is problematic in an environment of increasing cyber threats and decreasing resources.

MSSPs like Proficio can take the hassle and expense out of setting up and running a SOC and administering a complex SIEM system. We offer SOC-as-a-Service and SIEM-as-a-Service, so you can get the 24×7 protection you need without a large upfront investment in hardware and software or the need to hire a full security staff or SIEM experts.

Why Consider an MSSP?

To gauge the extent of these challenges among IT security pros and whether an MSSP could offer some relief to these challenges, we polled our Twitter followers and asked:

Proficio Twitter Poll

50% of our voters said they were looking into an MSSP because they can’t protect their organization 24×7. 20% of our voters thought building an SOC was too expensive, while another 20% also agreed staffing was the major challenge. Although only 10% of our voters said they’d consider an MSSP because their SIEM isn’t optimized, there’s still a portion of organizations out there concerned about having the expertise to properly manage SIEM systems.

Each issue facing security teams today presents a unique challenge and there are many reasons why an organization may want to think twice about handling these issues alone. While 24×7 protection seems to be the largest reason companies lean on MSSPs, there are many security concerns that would benefit from some additional support.