Aligning Business Goals with InfoSec Strategy

How do you align yourself with the business you are supporting? What value are you creating? These are the questions that every CISO should be thinking on regular basis. In a typical organization, the CEO has a list of business goals and objectives that trickle down through chain of leadership. Objective for IT leaders are usually derived from CEO’s business objectives to support the organization. Understanding the organizational objectives as well as the personalities of business leaders helps in creating and aligning the information security strategy. Read more

, , ,

Building a Successful Security Operations Center Part 3: SOC Budget Calculator

Sometime back I published an article “What it Really Takes to Stand up a SOC”. This included a MindMap showing everything you need to consider while making a decision about establishing an internal Security Operations Center. Take a look at the PDF Download link for this MindMap. Since then, many people have asked questions about estimating budget for standing up an internal SOC. Read more

, ,

Building a Successful Security Operations Center (SOC) Part Two – Estimating SOC Budget

Image credit Pixabay

Budget estimates are a major part of SOC business case. A typical budget will consist of capital cost, payroll expenses, and annual recurring costs. The budget estimates also helps in making decision about build an internal SOC or using SOC as a Service. Following is a summary of three major cost components. Read more

Building a Successful Security Operations Center (SOC) – Part One

Photo credit pixabay

Photo credit pixabay

Building a successful security operations center is a significant undertaking. One needs to consider a number of aspects when making a strategic decision about SOC implementation. To cover major SOC considerations, we are going to publish multiple articles about building SOC. This is the first one of the series.

Success of SOC is a combination of good planning, selection of appropriate tools, executive sponsorship, and a strong focus on people working in SOC

The objective of this article is to paint a very high level picture about SOC components and general considerations. Following are few ideas to think about before starting your SOC journey. Read more