Build Your Security Operations Center (SOC)


A Security Operations Center (SOC) reduces the cost of incidents by giving your organization visibility into security events and incidents.


When working with our clients, my team at The Penn Group works around a philosophy that we believe enhances our clients’ ability to make risk-based decisions. Translating academia to operationalization, the goal is to improve your organization’s ability to do security while reducing your risk. In today’s blog, we are going to explore how to build security operations for your organization.

Key Takeaways:

  • The creation, implementation, and management of a Security Operations Center (SOC) is an expensive but necessary operational security activity.
  • A Security Operations Center (SOC) provides immediate value to your organization and proves the return on investment on security.
  • If a Security Operations Center (SOC) is cost prohibitive, a Managed SOC via a Managed Security Service Provider (MSSP) is a compelling option, despite the drawbacks.

Maximize Visibility

Protecting your organization is a 24 hour a day, 7 day a week, 365 day a year responsibility. Every day, cybercriminals from around the world attempt to penetrate the information systems of companies big and small. Unfortunately, even for the most well-funded security programs, achieving broad visibility of systems on a network is a daunting challenge. Achieving visibility on your network is typically accomplished via a Security Operations Center (SOC).

20%: Percentage of practitioners who say their SecOps practices are mature

Only one in five respondents to a survey of over 250 security operations practitioners described their organizations as having a mature security operations capability. The remaining 80% reported that they are just getting started on their maturity journey or are only midway through it.

Source: 2019 Security Operations Maturity Report

Building a Security Operations Center (SOC)

A Security Operations Center is a centralized collection of activities focused on understanding the events that affect the confidentiality, integrity, and availability of data within an organization. Building a security operations center can take years, cost tens of millions of dollars, and require consistent, expert leadership.

Select Your Technologies

In order to build a Security Operations Center (SOC), the security team must select a technology stack to build security operations on. With thousands of security vendors claiming to be the magic bullet of security, breaking through the noise can take months or even years. The selection process must balance cost, performance impacts, privacy implications, organizational policy, legacy systems, politics within the organization, and time to implement. For each technology, all of these criteria must be considered, and there are potentially hundreds of technologies that must be implemented.

Staff Your SOC

Once you have selected your technology, you must staff your security operations center. A collection of Security Analysts, Security Engineers, and leaders will be required. Staffing is the most difficult aspect of standing up a SOC. Your staffing needs are based on the hours of coverage needed by your organization, which is defined by your risk appetite. Your risk appetite is your organization’s willingness to take on risk. For example, if you’re a bank, you will not be very tolerant of risk, as the financial losses would be dramatic. If you’re a small business, your risk appetite may be higher.

For organizations that have a low risk appetite and require the highest protection, a SOC with 24/7/365 coverage is needed. Just to achieve this basic level of coverage, you would need to hire at least 5 people, although the number is actually closer to 10. A large shortage of specialized security talent exists in the workforce. With a 0% unemployment rate, recruiting qualified security analysts and engineers is extremely difficult and comes with a high price tag. We have seen security engineers fetch a price tag north of $150k USD per year. Even with the most basic of coverage, the labor costs for a 24/7/365 SOC could extend north of $20 million USD per year.

Justifying Your SOC

The core goal of a Security Operations Center (SOC) is to improve the visibility of cyber activity to the security team. When the SOC team uncovers an event, the incident response process kicks in. The justification to the business for such a large expenditure is a story that must be told consistently and often to the C-Level. This is accomplished through the reporting of Key Performance Indicators (KPI). KPI measures for a SOC should be carefully considered, balancing risk, activity, and relevance. KPIs should tell the story of how effective your SOC is at reducing cyber threats. Remember, you won’t be able to stop everything. Your goal is to reduce, minimize, and mitigate cyber events.

Managed Security Operations

If your cybersecurity defenses fail to protect your organization, the consequences can and will undermine your mission, threaten your brand image, and invite litigation from the regulatory agencies. For most organizations, it is just too expensive to stand up a SOC from scratch.

To adequately protect your organization, you need a complex web of technical security, organizational security, and managerial security controls that defend against attacks. Installing security technology, managing it, and monitoring it can be an untenable cost overhead for even medium to large organizations. Not to mention the constricted labor market applying pressure on finding qualified security talent to staff such security teams. Beyond technical security, organizations must have effective security policy and processes in place to ensure that they are protected in the event of a breach scenario. While some might argue that the Cloud is a safe space to operate, without requiring security, this is a false notion. A significant number of data breaches have occurred due to inadequate or misconfigured security within the Cloud.

You’re Not Safe in the Cloud

Protecting Your Organization with Managed Security

Because protecting your organization is a 24 hour a day, 7 day a week, 365 day a year responsibility, it is not enough to “lock down” your systems and call them “secure”. This is called checkbox security. Checkbox security is a false sense of security, under the illusion that your organization is protected because you “do” security.

With the tremendous costs of standing up a SOC from the ground up, a compelling alternative is to stand up a Managed Security Operations Center (MSOC) with a third party. The Penn Group offers full managed services including security operations, patching, and management to ensure your organization is protected. Managed security providers offer the advantages of a fast time to implementation, reduction in costs, and a qualified team of security experts already recruited. The problem with a Managed Security Service Provider (MSSP) is that you become “locked in” to the provider’s technology. Typically, a provider will have a predefined tech stack that must be utilized. You should consider whether utilizing a predefined set of technologies is the right solution for your organization.

Summary:

  • The creation, implementation, and management of a Security Operations Center (SOC) is an expensive but necessary operational security activity.
  • A SOC provides immediate value to your organization and proves the return on investment on security.
  • If a SOC is cost prohibitive, a Managed SOC via a Managed Security Service Provider (MSSP) is a compelling option, despite the drawbacks.

About The Author:

Austin Harman, CISSP, CAP, Security+, President & CEO, The Penn Group