
DBIR 2017 – Major Findings of Verizon Data Breach Investigations Report


Verizon has been publishing the Data Breach Investigations Report (DBIR) for over 10 years. The latest release is DBIR 2017, which was published on April 27th. This year’s report contains 1935 confirmed data breaches and more than 42000 security incidents. As always, DBIR 2017 provides great insights into how data breaches are happening, who is behind the attacks, and what their motives are.


Social Engineering Awareness Program Part 4: Clicking the Phish

It is inevitable that at some point, someone will fall victim to a social engineering attack. This could be via clicking the phish, letting an unauthorized person in, or succumbing to a phone scam. Integrating with your Incident Response plan (if you have one; otherwise read my next series) is vital.


Building a Successful Security Operations Center Part 3: SOC Budget Calculator

Some time back I published an article, “What it Really Takes to Stand up a SOC”. This included a MindMap showing everything you need to consider when deciding whether to establish an internal Security Operations Center. Take a look at the PDF Download link for this MindMap. Since then, many people have asked questions about estimating the budget for standing up an internal SOC.


Building a Successful Security Operations Center (SOC) Part Two – Estimating SOC Budget


Budget estimates are a major part of the SOC business case. A typical budget will consist of capital cost, payroll expenses, and annual recurring costs. The budget estimates also help in deciding whether to build an internal SOC or use SOC as a Service. Following is a summary of the three major cost components.


Security Operations Center (SOC) Team Development


Building a SOC is on every organization’s TODO list these days, at least since the Target breach if not before. Following are a few unique characteristics of the SOC that I have observed from my experience of building a SOC in the last three years.

The SOC team has an interactive role within the team as well as with the broader IT organization. As a team, you are always being tested. You are tested by your internal users, as well as by your adversaries (outside hackers) on a continuous basis.