Page 95 - Cyber Defense eMagazine August 2024
Strategies for Building an Effective, Resilient Security Operations Center
By William Wetherill, Chief Information Security Officer, DefenseStorm
The modern Security Operations Center (SOC) has morphed and matured since its infancy in the early
1990s. The primary responsibility of monitoring for any indication of intrusion or compromise has
remained a critical and valuable control. The modern SOC now draws on more robust information
to assist in that primary objective, correlating events with data from asset management, vulnerability
management, data loss prevention systems, and cloud access security brokers to provide
enriched information to our investigators. Modern SOCs can deploy more proactive systems that become
much more powerful when combined with security orchestration and automated response. However,
even with all of the technology at our disposal, the fundamental challenges of a SOC remain. In order to
be an effective and efficient control within our environments, we must manage and mature our SOCs
along five fundamental channels.