The Bottom Line: 24 percent of security leaders cite lack of transparency and visibility as the biggest obstacle to effective security operations – despite the necessary tools mostly being in place.
The SANS SOC Survey 2026, based on responses from 444 security professionals and 69 CISOs, reveals a structural problem: missing transparency and insufficient integration of security tools hamper security operations center deployment more than staffing shortages.
The SANS SOC Survey 2026, the tenth edition of the annual study, is based on responses from 444 security professionals and a parallel survey of 69 CISOs and senior security leaders. The central finding: 24 percent of surveyed leaders identify lack of transparency and visibility as the primary obstacle – a deficit that even ranks ahead of persistent staffing shortages.
The problem manifests operationally through uncontextualized alert volumes. Although the required security tools are present in most organizations, the necessary integration is missing to consolidate data streams and create a unified picture across teams. Christopher Crowley, senior instructor at SANS Institute, summarizes this: most organizations have the tools, but the challenge lies in creating a coherent picture when teams lack shared priorities.
The study reveals significant perception gaps between management and operational teams: 59 percent of cyber leaders report that senior management precisely understands real staffing needs and employee retention in the SOC. But only 32 percent of staff share this assessment – a 27 percentage point discrepancy that has persisted continuously over years. The reason lies in hiring and retention decisions being made without operational involvement.
Another contradiction emerges in budgeting: 75 percent of security leaders confirm that technology only functions effectively with qualified personnel. At the same time, these same leaders cite personnel as the biggest obstacle to funding cybersecurity priorities. Additionally, while 74 percent use Threat Intelligence for daily operations and proactive threat hunting – only 26 percent incorporate these insights into budget and investment decisions. Crowley emphasizes that these patterns are not new: “What has changed is ten years of data showing that nothing has changed. Organizations that close this gap treat it as a specific operational problem, not a general management challenge.”
Source: www.it-daily.net · Published June 17, 2026
Lumi AI News — AI-assisted curation per Art. 50 EU AI Act. Paraphrase and classification by Lumi News Pipeline v1.7.1.