IDEAS home Printed from https://ideas.repec.org/a/aza/csj000/y2018v2i3p251-261.html
   My bibliography  Save this article

SOC 2030: Security Operations centres are broken, let’s fix them

Author

Listed:
  • Matre, Kerry

Abstract

Security operations centres (SOCs) are facing many challenges today, including a cyber security skills gap hampering the ability to hire and retain staff, an overabundance of low-fidelity data flowing into the SOC, a broken innovation consumption model and a lacking ability to measure capabilities of a SOC. To overcome these challenges, a fundamental change in the approach to SOCs must be made. The changes necessary to allow a SOC to protect an organisation against successful cyberattacks are not just limited to the SOC itself. They require tight integration with groups aligned with the SOC, including network operations, security engineering, and the lines of business themselves. A prerequisite to this tight integration is a clear mission statement of what service the SOC provides to the business, including what it does and does not do. From there, we can begin to alter the inputs and outputs of a SOC through implementation of a prevention-based architecture and mitigation automation, a new security innovation consumption model and continuous measurement of configuration and operational confidence. This paper will walk through the fundamental changes needed to meet the challenges SOCs face today and move towards the adaptive SOC of the future: SOC 2030.

Suggested Citation

  • Matre, Kerry, 2018. "SOC 2030: Security Operations centres are broken, let’s fix them," Cyber Security: A Peer-Reviewed Journal, Henry Stewart Publications, vol. 2(3), pages 251-261, December.
  • Handle: RePEc:aza:csj000:y:2018:v:2:i:3:p:251-261
    as

    Download full text from publisher

    File URL: https://hstalks.com/article/1485/download/
    Download Restriction: Requires a paid subscription for full access.

    File URL: https://hstalks.com/article/1485/
    Download Restriction: Requires a paid subscription for full access.
    ---><---

    As the access to this document is restricted, you may want to search for a different version of it.

    More about this item

    Keywords

    cyber security; security operations centre; cyber defence centre; prevention-based architecture; SOC 2030; SOC metrics; adaptive SOC;
    All these keywords.

    JEL classification:

    • M15 - Business Administration and Business Economics; Marketing; Accounting; Personnel Economics - - Business Administration - - - IT Management

    Statistics

    Access and download statistics

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:aza:csj000:y:2018:v:2:i:3:p:251-261. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    We have no bibliographic references for this item. You can help adding them by using this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Henry Stewart Talks (email available below). General contact details of provider: .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.