Posts

, , ,

Building a Successful Security Operations Center Part 3: SOC Budget Calculator

Sometime back I published an article “What it Really Takes to Stand up a SOC”. This included a MindMap showing everything you need to consider while making a decision about establishing an internal Security Operations Center. Take a look at the PDF Download link for this MindMap. Since then, many people have asked questions about estimating budget for standing up an internal SOC. Read more

, ,

Building a Successful Security Operations Center (SOC) Part Two – Estimating SOC Budget

Image credit Pixabay

Budget estimates are a major part of SOC business case. A typical budget will consist of capital cost, payroll expenses, and annual recurring costs. The budget estimates also helps in making decision about build an internal SOC or using SOC as a Service. Following is a summary of three major cost components. Read more

Building a Successful Security Operations Center (SOC) – Part One

Photo credit pixabay

Photo credit pixabay

Building a successful security operations center is a significant undertaking. One needs to consider a number of aspects when making a strategic decision about SOC implementation. To cover major SOC considerations, we are going to publish multiple articles about building SOC. This is the first one of the series.

Success of SOC is a combination of good planning, selection of appropriate tools, executive sponsorship, and a strong focus on people working in SOC

The objective of this article is to paint a very high level picture about SOC components and general considerations. Following are few ideas to think about before starting your SOC journey. Read more

, ,

Security Operations Center (SOC) Team Development

Programming editor for CSS language

Image Credit Pexels

Building a SOC is on every organization’s TODO list these days, at least since the Target breach if not before. Following are few unique characteristics about the SOC that I have observed from my experience of building a SOC in last three years.

The SOC team has an interactive role within the team as well as with the broader IT organization. As a team, you are always being tested. You are tested by your internal users, as well as by your adversaries (outside hackers) on a continuous basis. Read more