People SATURDAY
Hiring and retention – the highest issue
Skill gaps – train, borrow, buy?
The 2022 ISACA Report on State of Cybersecurity explored skills gaps among Cybersecurity professionals. The biggest skill gap identified in the report is “Soft skills”. Some examples included “communications, flexibility, leadership”*.
Lack of business acumen, poor communication, low attention to user experience are some
other factors causing brand damage of otherwise.
Processes
Maturity of processes is a key factor for SOC success.
- IT Processes (patching, upgrades, change management, problem management etc.)
- SOC Policies and Standards (log collection standards)
- Threat detection process
- Incident Response process
- Threat hunting process
- Use case development process
- Shift management process
Technology Stack
SOC Governance
Governance board
- SOC organizational chart
- Business case, finance, budget – Is SOC delivering on value?
- Marketing
- Collaboration
Data Sources
Threat Intelligence
- STIX and TAXII
- Open and commercial threat intelligence
- TI automation with TIP
- Exploited Vulnerabilities databases and integration into incident prioritization
- Exploit Prediction Scoring System (EPSS)
Views: 2
