Security Operations Center

  • TYPE: Combined Session
  • DATE: Thursday, May 15, 2014
  • TIME: 17:00-18:00
  • LOCATION: AMMERSEE I


Building a SOC (Security Operations Center) is a tremendous challenge. But this is not only (and maybe not even primarily) about technology. As always, it is also about organization and about people. Do you have the skill sets in your organization to successfully run your SOC? The people who not only understand a single piece of security technology such as a firewall, but who have both the breadth and depth required for successfully building and running a SOC? Breadth, to understand the relationship of security events across various systems. Many of today’s attacks involve many systems, thus analysis also has to have a holistic, integrated view. On the other hand, people need to have the depth necessary to know each piece of the security apparatus as well as the ability to manage the specialists. These people, being both generalists and specialists, are a rare species.

Unfortunately, things are becoming more and more complex. More complex attacks, more complex IT environments - especially in connected enterprises or when looking at SCADA (supervisory control and data acquisition) systems and the IoEE (Internet of Everything and Everyone) - and more complex solutions to analyze threats: It is hard to solve this issue. Realtime Security Analytics, which means “Big Data Analytics applied to Security, powered by external realtime threat intelligence services”, is promising, but complex. Understanding these systems, configuring not only rules but complex pattern detection, achieving valid and actionable results, and understanding these results is a tremendous challenge.

Thus, when building a SOC, there is a simple question to answer at the very beginning: How much should be on premises, and where to rely on services? These services can range from a second or third tier to full-service offerings. The panelists will discuss the need for this, not only from a skill and people perspective, but also with respect to cost, security, and bandwidth requirements.


Many organizations believe they need a SOC (Security Operations Center). But do they? And if yes, what makes up a real SOC? Which are the main and mandatory tasks of a SOC? Understanding the role a SOC plays in Information and IT Security is the first step to success – it is about planning before building and running it. The panelists will discuss the scoping of SOCs, based on their best practice experience.


Reto Bachmann is the Senior Principal Solution Architect for Identity and Access Management at Dell Security EMEA. He has led numerous integration projects for reputable companies in D-A-CH and other countries. Reto has deep expertise in IAM implementations. Prior to his tenure at Dell, Reto,...

Jason Hill is the head of the SDDC (Software-Defined Data Center) practice in EMEA. Heading up a rapidly expanding team of pre and post sales experts, engineers and domain architects, Jason is responsible for delivering VMware’s SDDC to customers and partners across the region....

Amar Singh is Senior Analyst at KuppingerCole, a C-level executive, information risk & GRC expert, CISO, writer, and industry speaker leading the global information risk management landscape with an innovative, benchmark-setting and visionary approach and is engaged by organisations to help...



European Identity & Cloud Conference 2014

Registration fee:
€1980.00 $2475.00 S$3168.00 21780.00 kr
Contact person:

Mr. Levent Kara
+49 211 23707710
  • May 13 - 16, 2014 Munich, Germany