Abstract
Security operations centres (SOCs) are facing many challenges today, including a cyber security skills gap hampering the ability to hire and retain staff, an overabundance of low-fidelity data flowing into the SOC, a broken innovation consumption model and a lacking ability to measure capabilities of a SOC. To overcome these challenges, a fundamental change in the approach to SOCs must be made. The changes necessary to allow a SOC to protect an organisation against successful cyberattacks are not just limited to the SOC itself. They require tight integration with groups aligned with the SOC, including network operations, security engineering, and the lines of business themselves. A prerequisite to this tight integration is a clear mission statement of what service the SOC provides to the business, including what it does and does not do. From there, we can begin to alter the inputs and outputs of a SOC through implementation of a prevention-based architecture and mitigation automation, a new security innovation consumption model and continuous measurement of configuration and operational confidence. This paper will walk through the fundamental changes needed to meet the challenges SOCs face today and move towards the adaptive SOC of the future: SOC 2030.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
