Six essential ingredients of a modern Security Operations Center (SOC)

People SATURDAY

Hiring and retention – the highest issue
Skill gaps – train, borrow, buy?
The 2022 ISACA Report on State of Cybersecurity explored skills gaps among Cybersecurity professionals. The biggest skill gap identified in the report is “Soft skills”. Some examples included “communications, flexibility, leadership”*.
Lack of business acumen, poor communication, low attention to user experience are some
other factors causing brand damage of otherwise.

Processes

Maturity of processes is a key factor for SOC success.

1. IT Processes (patching, upgrades, change management, problem management etc.)
2. SOC Policies and Standards (log collection standards)
3. Threat detection process
4. Incident Response process
5. Threat hunting process
6. Use case development process
7. Shift management process

Technology Stack

SOC Governance

Governance board

• SOC organizational chart
• Business case, finance, budget – Is SOC delivering on value?
• Marketing
• Collaboration

Data Sources

Threat Intelligence

• STIX and TAXII
• Open and commercial threat intelligence
• TI automation with TIP
• Exploited Vulnerabilities databases and integration into incident prioritization
• Exploit Prediction Scoring System (EPSS)

Views: 2