Risky Bulletin Newsletter
April 29, 2026
Risky Bulletin: UK NCSC blasts SOC metrics
Presented by
News Editor
The UK's cybersecurity agency has advised public and private organizations against relying too much on bad metrics to evaluate the efficiency of their security operations centers (SOCs).
Officials say bad metrics incentivize SOC teams to be careless about their jobs and rush through tickets and detections rather than be dedicated to protecting their networks.
While metrics can be used for other IT departments to evaluate their effectiveness, the true value of a SOC team comes from insight and not speed or quantity, hence SOC teams should not be treated as any other department that needs to be optimized.