Characteristics of a successful SOC

First, do you know the fastest path to building a capable security operation center (SOC)?

 

HP’s State of Security Operations 2014 report found that the fastest path is actually suffering through a public breach. When a company experiences that financial loss or brand damage, it finally has a business case to invest in the proper enterprise security infrastructure.

 

This reactive model cannot continue and it cannot be your strategy for dealing with ever-evolving cyber threats. With the cost of data breaches increasing by 78 percent over the last four years, not investing in a capable SOC is simply bad business. HP’s study found that only seven out of ten organizations are meeting business goals and compliance requirements, and that is just too much low-hanging fruit for the cyber bad guys.

 

Building a successful SOC

So you’re convinced it’s time to go forward and bulk up your cyber defense infrastructure, but what does a successful SOC even look like? HP has accumulated the largest dataset of its kind to answer that exact question. Here are the top 10 do’s and don'ts of a successful SOC:

[Image: SOC fail.jpg]


Of course, sometimes these things are easier said than done, as HP found using the Security Operations Maturity Model (SOMM), which provides a consistent way to measure the evolution and progress of a SOC on a 5-point scale. HP found that it usually takes organizations with a funded and dedicated effort, leveraging an existing framework and expert consulting, 1 year to reach an aggregate maturity score of 2.0, two years for a 2.5, and three years for a 3.0. However, organizations that chose to build a SOC independent of an existing framework or experienced program management have a hard time reaching and maintaining a level of 1.7, with the average enterprise having an aggregate score of 1.63.

 

Digging deeper into the 4 components of the SOMM scores (people, process, technology, and business) reveals another story. Organizations have more technology maturity than they do in the people and process dimensions, with average scores of 1.8 and 1.5 respectively. This is not surprising, considering most companies focus on a technology solution without putting the proper effort into the people and process aspects of cyber defense. Cyber criminals are becoming increasingly sophisticated, putting more demand on organizations to adopt a comprehensive approach to their SOC deployments, one that covers all dimensions of the SOMM score.

 

The good news is that HP’s security intelligence and operations consulting (SIOC) team can get your organization up and running fast with one of the most advanced 5G/SOCs in the world. Our SIOC team has built more enterprise security operation centers than anyone in the world. HP also runs its very own Cyber Defense Center, which has the 2nd largest implementation of ArcSight in the world. With decades of front-line experience, and our very own SOC, we are able to accelerate security advances and continually feed them back into our consulting practice, keeping our customers at the cutting edge of cyber security.
