5G/SOC: The NOW of security operations

Today, most enterprises have some sort of security operations. Some are basic, with a couple of security analysts monitoring the network in a best-effort manner, while others may have state-of-the-art security operations centers (SOC). These capabilities usually evolve over years or decades depending on the needs of the organization: those that need more security have more security. We noticed this trend and decided to document this evolution in our newly published whitepaper "5G/SOC: SOC Generations".


In my recent interview with Jesse Emerson, Director, Security Operations and Intelligence Consulting (SIOC) services, he says, "We've noticed companies making a buzz about 'Next Generation SOC' -- we asked ourselves the question: 'what generation are we in now?'"

 

This is the question I want to ask you today: what generation are YOU in now? This whitepaper revisits the early days of SOC and documents the journey to today's leading SOCs, or as we call it: the 5G/SOC. It also highlights the major developments in security operations centers that were driven by technology enhancements and examines new tools as well as the sophistication of attacks. I encourage you to read it and take a closer look at where you are.

 

"Our consultants in the HP Security Intelligence and Operations Consulting team have been working in the Security Operations Center field for well over a decade," Emerson says. "We've seen the 'SOC' be reinvented several times over, and today's leading SOCs are doing things we only dreamed about 10 years ago."

 

SOC Generations: An evolution over three decades

By defining the generations of SOC, we can make predictions about the latest evolution—5G/SOC or the “NOW of security operations”.  This is not to say that all enterprises are running at the 5G/SOC level. It is an evolutionary process within a company. Organizations must utilize the tools of previous generations to build basic security operations capabilities, creating a strong foundation to begin incorporating the trends, data sources and goals of a 5G/SOC.

 

HP has defined the SOC generations as:

1st Generation SOC: 1975-1995

         Nuisance programs and minimally impacting malicious code era

2nd Generation SOC: 1996-2001

         Malware outbreak and intrusion detection era

3rd Generation SOC: 2002-2006

         Botnets, cybercrime, intrusion prevention and compliance era

4th Generation SOC: 2007-2012

         Cyberwar, Hacktivism, APT and exfiltration detection era

The 5G/SOC: 2013-?

         Analytics and Big Data, Intelligence-driven methodology, Information sharing, Human adversary approach

 

Today’s leading SOCs are proactive

"Companies have a wide range of definitions for a SOC, ranging from basic alert processing teams to security device management services to glorified compliance teams to advanced and integrated cyber defense teams. Today's leading SOCs are data-driven and proactive, constantly analyzing and setting traps for adversaries. Today's SOCs not only respond to attacks in progress, but understand the marketplace of the adversary, their motivations and means, to provide risk-appropriate security intelligence and protective measures to their organizations," says Emerson.

 

HP Enterprise Security helps enterprises evolve their security operations from their current operating level to the 5G/SOC. We accomplish this by helping you implement the proper:

  • Tools
  • Data feeds
  • Process around breaches
  • Training of security experts

 

We tie it all into your specific business goals, environment and operations.

 

"Read the reports; the breaches that we find out about are going hundreds of days without detection. Most of these are not detected by the compromised organization. Enterprises are breached and they need to advance to 5G/SOC capabilities to find these breaches and determine the level of compromise. Operating with outdated ideas about SOC capabilities is short-sighted and a tremendous risk," says Emerson.

 

Check out the full whitepaper here: "5G/SOC: SOC Generations"

The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation