SANS Institute Analysis Exhibits the Frameworks Organizations Use #Imaginations Hub

SANS Institute Analysis Exhibits the Frameworks Organizations Use #Imaginations Hub
Image source -


Respondents overwhelmingly desire the NIST CSF framework

Outcomes present that firms lag in coaching and cyber-readiness workouts

Herndon, Va., December 19, 2023 Expel, the safety operations supplier that goals to make safety straightforward to grasp, use and enhance, at present launched a brand new analysis report, “Frameworks, Instruments and Strategies: The Journey to Operational Safety Effectiveness and Maturity” by the SANS Institute. Commissioned by Expel, the report shares and analyzes analysis on a spread of safety operations middle (SOC) practices and descriptions the present state of the SOC inside many organizations, primarily based on in-depth survey findings of IT and cybersecurity professionals from world wide. This analysis got down to: 

  • Decide if frameworks are used to outline, measure and assess SOC features and, in that case, which framework(s) organizations desire

  • Assess SOC metrics at the moment in use and the presence of any insurance policies and coaching, in addition to respondents’ sentiment concerning efforts to enhance cybersecurity

  • Seize respondents’ self-assessment course of for his or her group’s safety program maturity and study the safety program parts that contribute to maturity

  • Be taught if organizations benchmark efficiency and whether or not they use KPIs to drive enhancements in safety processes

“Our analysis sheds some mild on the wide selection of frameworks and metrics organizations use, but in addition reveals that respondents have combined emotions in regards to the maturity of their safety applications,” stated Dave Shackleford, senior teacher on the SANS Institute. “Not sufficient respondents’ organizations have executive-level governance, and too many are lacking well-defined coaching applications. These are essential gaps that should be addressed. As safety operations mature, we anticipate to see these areas enhance over time, however it’s going to require intentional funding to see impactful outcomes.” 

Beneath are a choice of the insights from the SANS Institute’s analysis: 

The vast majority of respondents make use of a cybersecurity framework, with the Nationwide Institute of Requirements and Expertise Cybersecurity Framework (NIST CSF) being hottest.

The survey discovered that 69.4% of respondents at the moment use a framework to assist outline and measure insurance policies, processes, and controls, the place solely 22.1% don’t. Virtually three-quarters (74%) of respondents that make use of a framework use the NIST CSF—virtually twice as many as the subsequent three hottest frameworks (ISO 27001, NIST 800-37, and MITRE).

Excellent news: two-thirds of respondents use metrics to evaluate and enhance safety. 

Two-thirds of respondents are at the moment utilizing metrics to evaluate operational safety efficiency. Slightly below 22% usually are not, and one other 11.8% aren’t positive. The highest three metrics collected and measured by respondents embrace safety incidents (74%), vulnerability assessments (58.5%), and intrusion makes an attempt (43.9%). 

Organizations can enhance their use of IT and safety coaching applications and cyber-readiness workouts. 

Greater than 40% of respondents stated they don’t have formal IT/safety coaching applications in place. Of those who have coaching, greater than 72% devour supplies by way of video content material, 60% use third-party certification exams, 55% get common emails with academic content material, and about 34% reported that they prepare by way of a Wiki or data middle. Upwards of 30% of respondents don’t carry out cyber-readiness workouts on a routine foundation. Those who do carry out cyber-readiness workouts depend on penetration exams and tabletop workouts (tied at 73.7% every) together with incident response testing (71.7%). Catastrophe restoration exams (56.1%) and pink/blue/purple workforce workouts (38.6%) spherical out the responses.

Learn the total report back to see information on different SOC tendencies, like hybrid SOC utilization, how respondents view the usefulness of safety metrics and key efficiency indicators (KPIs), and the way organizations price their SOC maturity.

“The analysis revealed a variety of encouraging info, particularly round how respondents are leaning on frameworks to assist assess and drive their safety applications. These frameworks are a number of the most helpful instruments for driving the effectiveness of safety operations,” stated Greg Notch, Chief Data Safety Officer, Expel. “That stated, there are actually a variety of areas for enchancment, particularly by way of preventative measures. SOC groups appear to be making progress, however there’s extra work to be carried out to keep away from repeating errors which have vexed organizations for years.”

Obtain the “Frameworks, Instruments and Strategies: The Journey to Operational Safety Effectiveness and Maturity” report or watch the webcast dialogue of the analysis outcomes with Dave Shackleford and Greg Notch.

Go to to be taught extra about how Expel improves and simplifies safety operations, or ebook a product demo. 


The SANS Institute carried out a complete on-line survey of IT and cybersecurity professionals from private- and public-sector organizations throughout industries and geographies between August 2023 and September 2023.

About Expel

Expel helps firms of all styles and sizes reduce enterprise danger. Our know-how and other people work collectively to make sense of safety alerts—with your corporation in thoughts—to detect, perceive, and repair points quick. Powered by our safety operations platform, Expel affords managed detection and response (MDR), remediation, phishing, vulnerability prioritization, and risk searching. For extra info, go to our web site, try our weblog, or observe us on LinkedIn or Twitter.

About SANS Institute

SANS Institute is the world’s largest supplier of cyber safety coaching. For over twenty-five years, SANS has offered leading edge coaching to governments and organizations the world over. Expertise might have modified in that point, however SANS’ core mission has remained fixed: to guard by way of sharing cyber safety data and abilities.

SANS affords over 60 cyber safety programs, operates throughout dozens of nations and has over 200,000 alumni. SANS coaching is constructed round a promise: college students will be capable of put into apply what they’ve discovered as quickly as they get again to their desk.

Related articles

You may also be interested in