The NextGen Security Operations Center
Identification
The cybersecurity community is in need of a smarter security operations center. The SOC’s primary strengths are flexibility and adaptability while its biggest weakness is lack of visibility and insights. SOCs still can’t detect previously unknown threats, which has been a consistent problem. A previous SANS survey also found a need for more automation across the prevention, detection and response functions—particularly in prevention and detection, where the tools respondents use are mostly the same. As such, a need for the integration of robotic process automation (RPA), Artificial Intelligence (AI) and other cognitive sources are warranted. The DNA of the next generation SOC should consist of
advanced, adaptive and invisible analytics, along with cognitive strategies, as stated above, and security teams implementing security maturity curves for their SOCs if they want to see them get to the next level.
Scope of the NextGen SOC
A Security Operations Center (SOC) is an organized and highly skilled team and process whose mission is to continuously monitor and improve an organization’s security posture while preventing, detecting, analyzing, and responding to cyber security incidents with the aid of both technology and well-defined processes and procedures. The establishment of a next generation SOC requires protection, not only to companies, but individuals alike. For example, the SOC must be able to consider and protect the “Internet of Me” being the threat to the users of the Internet, regardless if they are individual users or companies, is increasing in quantity and quality.
The next generation SOC must be strategic, intelligence-led, and future proof by implementing new capabilities and developing a new ’fusion cell’ concept, being able to utilize big data, RPA, AI and machine learning, in addition to new and enhanced functions, including Cyber Intelligence, Insider Threat, Red Team, Hunters, Cyber Innovation, and Outreach, while constantly adapting to meet the challenges of the present and the future.