The NextGen Security Operations Center

The NextGen Security Operations Center

  • Dec 13, 2019

Identification

The cybersecurity community is in need of  a smarter security operations center. The SOC’s primary strengths are  flexibility and adaptability while its biggest weakness is lack of  visibility and insights. SOCs still can’t detect previously unknown  threats, which has been a consistent problem. A previous SANS survey  also found a need for more automation across the prevention, detection  and response functions—particularly in prevention and detection, where  the tools respondents use are  mostly the same. As such, a need for the integration of robotic process  automation (RPA), Artificial Intelligence (AI) and other cognitive  sources are warranted. The DNA of the next generation SOC should consist  of advanced, adaptive and invisible analytics, along with cognitive strategies, as stated above, and security teams implementing security maturity curves for their SOCs if they want to see them get to the next level.

Scope of the NextGen SOC

A  Security Operations Center (SOC) is an organized and highly skilled  team and process whose mission is to continuously monitor and improve an  organization’s security posture while preventing, detecting, analyzing,  and responding to cyber security incidents with the aid of both  technology and well-defined processes and procedures.  The  establishment of a next generation SOC requires protection, not only to  companies, but individuals alike. For example, the SOC must be able to  consider and protect the “Internet of Me” being the threat to the users  of the Internet, regardless if they are individual users or companies,  is increasing in quantity and quality. The  next generation SOC must be strategic, intelligence-led, and future  proof by implementing new capabilities and developing a new ’fusion  cell’ concept, being able to utilize big data, RPA, AI and machine  learning, in addition to new and enhanced functions, including Cyber  Intelligence, Insider Threat, Red Team, Hunters, Cyber Innovation, and  Outreach, while constantly adapting to meet the challenges of the  present and the future.