
Evolving the SOC Through Security Orchestration

One of the questions Denise Hucke and her participants addressed was how their enterprises are integrating their SOC with their NOC and achieving results. The talent pool is a particular challenge facing cybersecurity as a whole, making it difficult to fully staff SOCs with people who possess the skills needed to make an ideal team. Automation can greatly assist with filling the gaps a lack of talent leaves behind, but many security leaders feel apprehensive about automation and what can be achieved with it.

Participants offered their solutions to these concerns. For instance, automation is capable of linking multiple alerts to the same attack, ensuring SOCs correlate information that might otherwise have been missed. For dealing with false positives and compromised accounts, a person doesn’t have to waste their time when automation can handle all of it, freeing up SOC members for more important, rewarding tasks. Automating everything may not be ideal for certain organizations, but organizations can automate the areas that are most at risk of fraud, adding a layer of security that they didn’t have in place before. In addition to hiring for the SOC, companies should look into hiring talent specifically to handle the automation process, who can rapidly learn how the enterprise seeks to use it.