18.09.2018


Sourcing a SOC / CDC requires Consideration


The detection and handling of security incidents, also known as Security Information and Event Management (SIEM) or “Detection and Response” according to the NIST Cybersecurity Framework, is, unfortunately, becoming increasingly important. The Security Operations Center (SOC) or Cyber Defense Center (CDC) plays a central role in the implementation of SIEM processes. The demands on the expertise and availability of the SOC/CDC are high; unfortunately, internal attacks cannot be restricted to office hours. These are important reasons why SOC services are often outsourced to third parties, and the market offering is growing rapidly as a result.

The SOC service provider should be selected on the basis of an appropriate requirements specification that also takes into account the customer’s restrictions. A 24/7 service for detection, for example, is of little use if the departments responsible for risk assessment and/or response are only available during office hours. Another fundamental question is whether the SOC service should be transferred to the system operator, a managed security provider or deliberately to an independent third party. There are good arguments for all three strategies and the decision must be based on the specific objectives of SOC sourcing.
