PRO+ Premium Content/Information Security

Thank you for joining!

Access your Pro+ Content below.

November 2017, Vol. 19, No. 9

Are security operations centers doing enough?

This article is part of the Information Security issue of November 2017, Vol. 19, No. 9

Knocks on SOCs are not uncommon: Too many security operations centers are rudimentary, and organizations in almost all industries need to upgrade their capabilities. Some security operations centers (SOCs) run 24/7; others are 9 to 5. All focus on network monitoring and triage, looking at alerts and indicators of compromise to ensure performance metrics and service-level agreements are met. Coordination with IT or network operations centers (NOCs) may occur through dashboards or other communications, depending on the company. But security operations centers may not be as common as people think. And those that are operational often focus on detection and remediation with functions dispersed across groups and infrastructure, including the cloud. Security analysts who specialize in network intrusion detection, cyberthreat intelligence, reverse malware engineering, computer forensics, vulnerability scanning, network mapping and discovery and cyber incident response are often far from the reality. Randy Marchany, CISO at Virginia ...

Access this PRO+ Content for Free!

You forgot to provide an Email Address.
This email address doesn’t appear to be valid.
This email address is already registered. Please login above.
Please provide a Corporate Email Address.
You forgot to provide your first name.
You forgot to provide your last name.
You forgot to provide a job title.
You forgot to provide a company name.
- I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.
Please check the box if you want to proceed.
- I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.
Please check the box if you want to proceed.

Features in this issue

Are security operations centers doing enough?
by Steve Zurier
SOCs are maturing, but organizations facing the increased threat landscape understand that improving their effectiveness must be a priority in the year ahead.
Transitioning to the role of CISO: Dr. Alissa Johnson
by Alan R. Earls
Serving as White House deputy CIO prepared Johnson for her CISO role: "When we let the culture in a company or agency drive security governance or innovation, that's a problem."
The vulnerability management process after Equifax
by James Ringold
Cataclysmic security incidents highlight the importance of a vulnerability management program versus a patch management system. Here's how to implement a risk-based approach.

Columns in this issue

Are companies with a SOC team less likely to get breached?
by Kathleen Richards
Information security operations centers are “growing up,” according to one study. But, with staffing shortages and manual collection of data, performance metrics are hard to get.
From the White House to IBM Watson technology with Phyllis Schneck
by Marcus J. Ranum
The managing director at Promontory Financial Group, now part of IBM, talks about supercomputers, cryptography applications and her start in computer science.

View Information Security Archives

Access your Pro+ Content below.

Are security operations centers doing enough?

Features in this issue

Are security operations centers doing enough?

Transitioning to the role of CISO: Dr. Alissa Johnson

The vulnerability management process after Equifax

Columns in this issue

Are companies with a SOC team less likely to get breached?

From the White House to IBM Watson technology with Phyllis Schneck