In order to increase confidence in the ability to quickly stop stealthy attacks and adapt your defences to prevent future attacks, a SecOps function requires the right set of building blocks.
How do security organisations ‘protect and enable’ the business when faced with a skills gap, overwhelming amounts of data, highly automated attackers, evolving business… and the list goes on? This book helps you create a plan by breaking down the elements of security operations – clearly identifying the building blocks a security organisation needs to meet the goals of the business.
The elemental pillars include the people, process, and technology aspects required to support the business, the visibility that is required to defend the business, and the interfaces needed with groups outside of the SOC to achieve the mission of the security organisation.
By utilising these elements in security operations, we can improve upon existing functions and develop those that are lacking, creating both opportunities and advantages for the SOC that lead to the desired results for the business.