Page 99 - Cyber Defense eMagazine August 2024
amount of effort put into managing the system and the return on effort. Properly investing in threat
intelligence by actively managing the indicators within the feeds yields much higher value. Curating feeds
with data for the business vertical or even data from the security operation team’s investigations can be
incredibly powerful. Unfortunately, threat feeds are rarely valuable as a set-and-forget alert producer.
Incident Response
Finally, a SOC is essential to cyber incident response flows. When we need them most, there must be
full confidence that the SOC team can investigate and provide timely evidence. Train them, involve them,
tabletop with them, and you will be thankful for the confidence in the face of adversity.
The cyber security operations center is a longstanding control. It plays a crucial role in our efforts to
minimize the effects of cyber incidents on our organization. Ultimately, investing time and energy into the
control can yield high returns.
About the Author
William Wetherill is currently the Chief Information Security Officer (CISO) for
DefenseStorm. He is a Certified Information Systems Security Professional (CISSP)
and Certified Information Security Manager (CISM) with extensive training,
background, and experience in various aspects of IT systems and applications. He
has over 27 years of IT experience, almost a third of it directly in
cybersecurity. William was the Director of Cybersecurity Operations overseeing the
24/7 SOC at DefenseStorm before being promoted to CISO in January 2024.
William was previously the Chief Information Security Officer at the University of North Carolina in
Wilmington (UNCW) where he built and managed their Information Security Program.
William can be reached online at [email protected] and at our company website
https://www.defensestorm.com/
Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.