One of the key themes of the upcoming RSA Global Summit is how best to build up as well as out a security operations center (SOC). This is not an easy task as it requires, more so than any other area of IT or IT security, the seamless marriage of the classic triad of people, processes, and technology. Once an organization starts to recognize the need for systematic improvement in their incident detection and response, they come to recognize that technology generally is the least hard part of the equation. In fact the building up and out of an organization’s SOC often coincides with their recognition that there is no such thing as a security “magic box”. What is needed is a balanced approach where the technology both maximizes the efficiency and effectiveness of the SOC analysts as well as helps drive, prioritize, and maximize the continual processes that make up an organization’s incident detection, investigative, and remediation program. The bottom line for this blog entry is if you want to engage deeper into this conversation in support of building up and out your organization’s SOC, plan to attend RSA’s Global (user) Summit this September 9-11. http://globalsummit.rsa.com/?utm_campaign=redirect&utm_source=blog&utm_medium=web
