How to build and run a Security Operations Center

Today’s cybersecurity operations center (CSOC) should have everything it needs to mount a competent defense of the ever-changing information technology (IT) enterprise. This includes a vast array of sophisticated detection and prevention technologies, a virtual sea of cyber intelligence reporting, and access to a rapidly expanding workforce of talented IT professionals. Yet most CSOCs continue to fall short in keeping the adversary—even the unsophisticated one—out of the enterprise.

Ensuring the confidentiality, integrity, and availability of the modern IT enterprise is a big job. It incorporates many tasks, from robust systems engineering and configuration management (CM) to effective cybersecurity or information assurance (IA) policy and comprehensive workforce training. It must also include cybersecurity operations, where a group of people is charged with monitoring and defending the enterprise against all measures of cyber attack.