SOC 2030: Security Operations centres are broken, let’s fix them
Security operations centres (SOCs) face many challenges today, including a cyber security skills gap that hampers the ability to hire and retain staff, an overabundance of low-fidelity data flowing into the SOC, a broken innovation consumption model and an inadequate ability to measure the capabilities of a SOC. To overcome these challenges, a fundamental change in the approach to SOCs must be made. The changes necessary to allow a SOC to protect an organisation against successful cyberattacks are not limited to the SOC itself. They require tight integration with groups aligned with the SOC, including network operations, security engineering, and the lines of business themselves. A prerequisite to this tight integration is a clear mission statement of what service the SOC provides to the business, including what it does and does not do. From there, we can begin to alter the inputs and outputs of a SOC through implementation of a prevention-based architecture and mitigation automation, a new security innovation consumption model and continuous measurement of configuration and operational confidence. This paper walks through the fundamental changes needed to meet the challenges SOCs face today and move towards the adaptive SOC of the future: SOC 2030.
Keywords: SOC 2030; SOC metrics; adaptive SOC; cyber defence centre; cyber security; prevention-based architecture; security operations centre
Document Type: Research Article
Publication date: 01 January 2018
- Cyber Security is the major new peer-reviewed journal publishing in-depth articles and case studies written by and for cyber security professionals. It will showcase the latest thinking and best practices in cyber security, cyber resilience, cyber crime and cyber warfare, drawing on practical experience in national critical infrastructure, government, corporate, finance, military and not-for-profit sectors.