Put a SOC in it
To insource or outsource? That is the question.
With the way that the world is currently moving, the need for cyber security is unquestionable. Technology is now at the core not only of most businesses, but of the lives of individuals too. Our growing dependence on technology is undeniable: everything is connected to the Internet, from our computers to our cars and even some fridges. Whilst this is designed to make our lives easier, it is paving the way for those with less savoury intentions. This is only going to become more apparent as the Internet of Things spreads like wildfire. To combat the threats posed by this connectivity, we turn to cyber security. From a standard piece of antivirus software to a fully functioning Security Operations Centre (a SOC), the methods that we employ to protect ourselves are evolving and becoming more complex to deal with the level of threat that we currently face. In this article I will take a brief look at what I find to be the pros and cons of both in-house and outsourced SOCs. Please do comment your opinions below.
What is a SOC?
A SOC or Security Operations Centre is essentially the hub from which threats are tracked and monitored. It looks similar to one of the CIA bases of operations you will have seen in countless spy films. At its core a SOC is a room filled with analysts and engineers who monitor their SIEM (security information and event management) software for unusual activity and escalate what they perceive to be severe threats.
Why do you need a SOC?
Firewalls and intrusion detection systems are no longer enough to deal with the threats that large companies face on a day-to-day basis. A complex threat is very hard to detect and harder still to prevent. A SOC is designed to monitor your network day and night to provide continual protection against, and detection of, cyber threats. It offers a response capability to deal with an attack as it is happening, and often also digital forensics specialists who can trace the origin of the attack. A SOC also offers a much greater capability when it comes to dealing with DDoS-style attacks and allows companies to recover much quicker than would otherwise be possible.
In an in-house SOC, your staff are going to know the environment and network that they operate in better than any outsider. They are much more likely to be dedicated to protecting your company and its assets. Due to their knowledge of your network and systems, they are going to be more able to customise a solution to be fit for purpose. This kind of SOC is going to be more efficient for your company than any SOC you could pay for, and let’s not forget about knowledge retention: if you should decide to change from a managed service provider, all the skills and know-how gained by that team leave along with the service. Building a SOC from the ground up can be painstaking, but it isn’t likely to be going anywhere any time soon.
There are a number of companies that provide top-of-the-line managed SOC services, each one with a slight variation on the same core service. Providers include Symantec, Dell SecureWorks, Wipro, Tata, McAfee, Verizon and many more. Using a managed service provider is the same with a SOC as it is for any other kind of service: it saves a lot of money at the outset. To set up a SOC yourself you will need to spend a small fortune on a variety of things including infrastructure, tools, recruitment, training, maintenance and consultancy, and the list goes on. Using this kind of SOC actually tackles one of the biggest problems in the market at the minute, the skills shortage. The UK is facing a huge skills shortage when it comes to cyber security. One in three of the hiring managers we have been speaking to were actively looking for candidates, but struggled to find good quality skilled staff. 0.06% of UK graduates last year moved into cyber security as a field. This has become a massive factor in the decision on whether to opt for an outsourced or an in-house SOC.
If the scales were set as they should be, the decision on which kind of SOC your company would like should be a fairly balanced one. The unfortunate truth is that, with the market the way that it currently sits, the scales are being tipped in favour of the outsourced type; that way the problem falls at the feet of your chosen provider. Adeptis group’s mission is to help tip those scales back. We are passionate about cyber security; it is all that we do. We work to connect companies with the best talent and are proud of that. We want to help protect data, assets and individuals from the ever-present threat of cyber crime, and we work hard to achieve that goal. We want to put the choice back into your hands. If you would like to know more, please contact me.