New Information Security Forum Report Explores How to Build an Effective Security Operations Center
July 2019 by Marc Jacob
The Information Security Forum (ISF), trusted resource for executives and board members on cyber security and risk management, today announced the release of Building a Successful SOC: Detect Earlier, Respond Faster. According to the ISF, building a successful Security Operations Center (SOC) can greatly enhance the ability to detect and disrupt cyber-attacks, protecting the business from harm. The ISF’s latest report explores the key elements that are integral to optimizing a SOC’s performance, realizing operational efficiency and pursuing innovation, and equips organizations with a practical understanding of how to design, establish and enhance a SOC that is both empowered by the organization, and aligned with business requirements.
The prevalence of threats in today’s climate has accentuated the risk of financial loss, customer attrition and reputational damage. Acutely aware of the adverse business impact of security incidents, organizations are seeking to reduce their exposure and keep their assets secure. The latest report enables ISF members to develop a vital, high performing entity that will augment an organization’s ability to detect and disrupt cyber-attacks – protecting the business from harm and improving its security posture.
“In today’s business climate, organizations can no longer afford to rely solely on reactive measures. Instead, the priority must be to identify threats, resolve security issues and prevent adversaries from disabling or degrading business operations, said Steve Durbin, Managing Director, ISF. “A successful SOC will demonstrate its worth to business by protecting the organization’s reputation, delivering on compliance obligations and embracing a proactive approach to risk management.”
Building a Successful SOC: Detect Earlier, Respond Faster is aimed at organizations who are either creating a SOC or seeking to optimize their existing SOC. The report equips an organization to build and evolve a SOC of substantial worth to the business by:
• Describing the capabilities that a successful SOC can provide
• Articulating the key considerations for selecting a suitable SOC operating model
• Presenting a framework that provides practical guidance on how to design, establish and enhance a SOC.
The ISF Approach to Building a Successful SOC provides clarity on the elements that are integral to optimizing a SOC’s performance, realizing operational efficiency and pursuing innovation. It also equips organizations with a practical understanding of how to design, establish and enhance a SOC that is both empowered by the business, and aligned with business requirements. Whether creating a SOC from scratch or transforming an existing SOC, organizations should adopt the ISF Approach to derive maximum value from their investment. This report will help an organization determine the set of capabilities the SOC should provide and how these can best be delivered to meet business needs.
“The ISF Approach for Building a Successful SOC incorporates three aspects, which enable organizations to plan for, create and evolve a high performing SOC that supports business objectives. By adopting the ISF Approach, organizations will be better positioned to detect threats earlier and respond faster to cyber-attack,” continued Durbin. “The ISF Approach includes a detailed flowchart of SOC activities and explores the respective benefits and limitations of an internal, external and hybrid SOC. The final aspect of the ISF Approach is a framework for designing, establishing and enhancing a SOC, which embodies best practices, distilled from significant ISF Member engagement and research.”
Building a Successful SOC: Detect Earlier, Respond Faster is available now to ISF Member companies via the ISF website.