Building a New SOC or Re-invigorating an Existing One?

Pamela Warren

Category: Government, Vertical

Even within government, IT has to evolve at a rapid pace to remain relevant and deliver the services necessary for your communities. As the perimeter of the government’s IT environment expands, so do the risks of cyber attack, exploitation, and data loss.  Many government organizations are responding with a fundamental shift to their cyber security approach — moving away from a collection of point solutions, ad-hoc entities, and processes toward a more deliberate structure and the creation or re-architecture of dedicated Security Operations Centers (SOC) to manage and monitor a unified security architecture.

We’ve created a paper to help governments develop a structured approach to their SOC. The paper’s 4-step framework allows for integration into an Information Security Management System (ISMS) and alignment with many of the requirements within ISO/IEC 27001:2013.  The first step is to identify an executable mission including whom the SOC will serve, and where it will be located organizationally.  The second step identifies the services offered.  As the SOC and the supported organization mature, so can the services offered.  Once these foundational steps are completed, the organization can acquire and develop the appropriate people, process, technology, and intelligence to align with the mission and the services.  Concurrently, the SOC must establish and execute an effective communication strategy to get buy-in at all levels within the organization.

Our CSO, Rick Howard, has also written an article to give you thoughts on the types of staff you will need to man your SOC. In “The Top 5 Skills Needed for a SOC Analyst,” first published by CSO magazine in March, Rick discusses whether certifications are needed and the need for passion as well as experience.  In addition, Rick outlines the five skills needed for your SOC analysts – both those for the entry-level SOC analysts as well as your more senior analysts.

Ultimately, don’t skimp on the talent for your SOC and make sure to pay them competitive wages – you’re investing in the SOC and the key to its success will be hiring and maintaining the right talent.  The experience your seasoned analysts develop over time will be invaluable to staying alert and maintaining the security of your organization.

To download the paper and Rick’s article, head here.


1 Reader Comment

Got something to say?

Get updates: Unit 42

Sign up to receive the latest news, cyber threat intelligence and research from Unit42

By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement.

© 2018 Palo Alto Networks, Inc. All rights reserved.