
A Comparison of SOC Models for Today's Need of Monitoring & Detecting the Latest Cyber Threats

Feb 20, 2017, Hi-network.com

At Cisco, we are often asked to take a vendor-agnostic approach when developing a Security Operations Center (SOC) strategy, and as such, we must consider the importance of distinguishing between the various types of SOC models given today's demanding security needs. However, before explaining the various models that exist for monitoring and detecting the latest cyber threats, we must first understand: what is the purpose of a SOC, and what organizational goals would implementing a SOC achieve for the greater good of the organization?

The purpose of a SOC is two-fold: to provide central monitoring capabilities to detect, identify, and respond to security incidents that may impact the organization's infrastructure, services, and customers. The SOC aims to detect and contain attacks and intrusions in the shortest possible timeframe, limiting the potential impact and/or damage that an incident may have by providing real-time monitoring and analysis of suspicious events. If a SOC can halt an attack in progress, it has already saved the organization time and money, and possibly the data exfiltration and brand and reputational damage that it might otherwise have endured, depending on the extent of the attack.

There are multiple SOC models, and understanding the key differences between them is invaluable in deciding the path an organization takes to secure its daily operations from a monitoring and detection perspective. It is important to note that no two organizations are alike, and the model chosen will depend heavily on criteria including, but not limited to: the size of the organization, the budget within IT Security, the skillset among IT personnel, incidents the organization has encountered in the past, the type of industry the organization is in, and the data that the organization handles day in and day out. All have a strategic impact on the way you will shape, design, and architect your SOC.

The Primary Models:

Internal SOC

Building an internal, in-house SOC is recommended for large organizations that are mature from an IT and IT security perspective. Organizations that tend to build internal SOCs have the budget to support an investment that includes 24
