Empower your analysts to reduce burnout in your security operations center

Microsoft Security Blog, July 28, 2020. https://www.microsoft.com/en-us/security/blog/2020/07/28/empower-analysts-reduce-burnout-isecurity-operations-center/

Summary: Strategic use of automation and metrics can help you create a continuous learning culture that keeps your team engaged in the work.

Effective cybersecurity starts with a skilled and empowered team. In a world with more remote workers and an evolving threat landscape, you need creative problem solvers defending your organization. Unfortunately, many traditional security organizations operate in a way that discourages growth, leading to burnout and high turnover.

Sixty-six percent of IT professionals say they have considered finding a new job with less stress. Fifty-one percent are even willing to take a pay cut. And the average tenure of a cybersecurity analyst is only one to three years. Even if stressed employees don’t quit, they may become cynical or lose focus, putting your organization at risk. Given the huge talent shortage—estimated between one and three million cybersecurity professionals—it’s critical to understand some of the factors that lead to burnout, so you can grow and retain your team. In this blog, I’ll provide insights into what drives burnout and walk through recommendations for using automation, training, and metrics to build a more effective security organization.

Burnout in the security operations center

Burnout starts with a vicious cycle. Because management has a limited budget, they staff many of their positions with entry-level roles. Security organizations are inherently risk-averse, so managers are reticent to give low-skilled roles decision-making authority. Security professionals in such an environment have few opportunities to use creative problem-solving skills, limiting the opportunity for them to grow their skills. If their skills don’t grow, they don’t advance, and neither does the organization.

This cycle was documented in 2015, when Usenix studied burnout in a security operations center (SOC). By embedding an anthropologically trained computer science graduate in a SOC for 6 months, researchers identified four key areas that interact with each other to contribute to job satisfaction:

Graphic from A Human Capital Model for Mitigating Security Analyst Burnout, USENIX Association, 2015.

To combat the vicious cycle of burnout, you need to create a positive connection between these four areas and turn it into a virtuous cycle. Strategic investments in growth, automation, and metrics can make a real difference without requiring you to rewrite roles. Many of these recommendations have been implemented in the Microsoft SOC, resulting in a high-performing culture. I also believe you can expand these learnings to your entire security organization, who may also be dealing with stress related to remote work and COVID-19.

Create a continuous learning culture

Managers are understandably wary about giving too much decision-making authority to junior employees with limited skills, but if you give them no opportunities to try new ideas they won’t improve. Look for lower-risk opportunities for Tier One analysts to think outside set procedures. They may periodically make mistakes, but if you foster a culture of continuous learning and a growth mindset they will gain new skills from the experience.

To advance skills on your team, it’s also important to invest in training. The threat landscape changes so rapidly that even your most senior analysts will need to dedicate time to stay up to date. The Microsoft SOC focuses its training on the following competencies:

Not all training should be formal. Most managers hire junior employees with the hope that they will learn on the job, but you need to create an environment that facilitates that. An apprenticeship model provides growth opportunities for both junior and senior members of your team.

Support operational efficiency with automation

At Microsoft, we believe the best use of artificial intelligence and automation is to support humans—not replace them. In the SOC, technology can reduce repetitive tasks so that people can focus on more complex threats and analysis. This allows defenders to use human intelligence to proactively hunt for adversaries that got past the first line of defense. Your organization will be more secure, and analysts can engage in interesting challenges.

Solutions like Microsoft Threat Protection can reduce some of the tedium involved in correlating threats across domains. Microsoft Threat Protection orchestrates across emails, endpoints, identity, and applications to automatically block attacks or prioritize incidents for analysts to pursue.

Azure Sentinel, a cloud-native SIEM, uses machine learning algorithms to reduce alert fatigue. Azure Sentinel can help identify complex, multi-stage attacks by using a probabilistic kill chain to combine low-fidelity signals into a few actionable alerts.

It isn’t enough to apply machine learning to today’s monotonous challenges. Engage your team in active reflection and continuous improvement so they can fine-tune automation, playbooks, and other operations as circumstances change.

Track metrics that encourage growth

Every good SOC needs to track its progress to prove its value to the organization, make necessary improvements, and build the case for budgets. But don’t let your metrics become just another checklist. Measure data that is motivational to analysts and reflects the successes of the SOC. It’s also important to allocate the tracking of metrics to the right team members. For example, managers rather than analysts should be responsible for mapping metrics to budgets.

The Microsoft SOC tracks the following metrics:

Time to acknowledgment: For any alert that has a track record of 90 percent true positive, Microsoft tracks how long between when an alert starts “blinking” and when an analyst starts the investigation.

Time to remediate: Microsoft tracks how long it takes to remediate an incident, so we can determine if we are reducing the time that attackers have access to our environment.

Incidents remediated manually and via automation: To evaluate the effectiveness of our automation technology and to ensure we are appropriately staffed, we track how many incidents we remediate via automation versus manual effort.

Escalations between tiers: We also track issues that are remediated through tiers to accurately capture the amount of work that is happening at each tier. For example, if an incident gets escalated from Tier One to Tier Two, we don’t want to fully attribute the work to Tier Two or we may end up understaffing Tier One.

As organizations continue to confront the COVID-19 pandemic and eventually move beyond it, many security teams will be asked to do more with less. A continuous learning culture that uses automation and metrics to encourage growth will help you build a creative, problem-solving culture that is able to master new skills.

Read more about Microsoft Threat Protection.

Find out about Azure Sentinel.

Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us at @MSFTSecurity for the latest news and updates on cybersecurity.