Security Operations Center

Combined Session
Thursday, May 15, 2014 17:00—18:00
Location: AMMERSEE I

Building your SOC: Realtime Security Intelligence On-Premise and/or as a Service?

Building a SOC (Security Operations Center) is a tremendous challenge. But this is not only (and maybe not even primarily) about technology. As always, it is also about organization and about people. Do you have the skill sets in your organization to successfully run your SOC? Do you have the people who not only understand a single piece of security technology such as a firewall, but who have both the breadth and depth required for successfully building and running a SOC? Breadth, to understand the relationship of security events across various systems. Many of today’s attacks involve many systems, thus analysis also has to have a holistic, integrated view. On the other hand, people need to have the depth necessary to know each piece of the security apparatus as well as the ability to manage the specialists. These people, being both generalists and specialists, are a rare species.

Unfortunately, things are becoming more and more complex. More complex attacks, more complex IT environments - especially in connected enterprises or when looking at SCADA (supervisory control and data acquisition) systems and the IoEE (Internet of Everything and Everyone) - and more complex solutions to analyze threats: It is hard to solve this issue. Realtime Security Analytics, which means “Big Data Analytics applied to Security, powered by external realtime threat intelligence services” is promising, but complex. Understanding these systems, configuring not only rules but complex pattern detection, achieving valid and actionable results and understanding these is a tremendous challenge.

Thus, when building a SOC, there is a simple question to answer at the very beginning: How much should be on premises, and where to rely on services? These services can range from a second or third tier to full-service offerings. The panelists will discuss the need for this, not only from a skill and people perspective, but also with respect to cost, security, and bandwidth requirements.

Prof. Dr. Sachar Paulus
KuppingerCole
Prof. Dr. Sachar Paulus is KuppingerCole Scientific Advisor and a former KuppingerCole Senior Analyst. Sachar was 8 years with SAP in leading security positions, responsible for Secure Software...

Plan, Build, Run. What Makes up a Real SOC?

Many organizations believe they need a SOC (Security Operations Center). But do they? And if yes, what makes up a real SOC? Which are the main and mandatory tasks of a SOC? Understanding the role a SOC plays in Information and IT Security is the first step to success – it is about planning before building and running it. The panelists will discuss the scoping of SOCs, based on their best practice experience.

Reto Bachmann
Dell Security
Reto Bachmann is the Senior Principal Solution Architect for Identity and Access Management at Dell Security EMEA. He has led numerous integration projects for reputable companies in D-A-CH and...
Jason Hill
VMware
Jason Hill is the head of the SDDC (Software-Defined Data Center) practice in EMEA. Heading up a rapidly expanding team of pre and post sales experts, engineers and domain architects, Jason is...
Amar Singh
KuppingerCole
Amar Singh is Senior Analyst at KuppingerCole, a C-level executive, information risk & GRC expert, CISO, writer, industry speaker leading the global information risk management landscape with...