SOC 101 – What Is It?


Information security is becoming increasingly important for many organizations and industries – this is indeed a well-known fact. What is not as well-known to the information security layman is whether an organization can implement something that will give it an advantage over the latest threats.

The holy grail of information security, a security operations center (or SOC), is what will keep you ahead of the threat curve. This article will explore what a SOC is, the different roles and types of SOCs available, and some of the common responsibilities assigned to SOC personnel.

What Is a Security Operations Center?

A Security Operations Center, or SOC, is a team of dedicated, high-quality IT and information security experts and the facility that they work in. There are many advantages to using a SOC – from having a team of information security experts at your fingertips to the visibility afforded by an ensemble of cutting-edge information security technologies that would be beyond cost-prohibitive for most small- to medium-sized organizations.

The SOC facility is generally staffed around the clock and uses state-of-the-art physical security to add an extra layer of protection for the physical assets it houses. These facilities can be massive, and some even use top-secret security measures. One data center housing a SOC team in West Chicago, Illinois, uses a former NSA electronic records building with all of its former top-secret security measures – talk about secure servers!

Different Roles on a SOC Team

SOC teams can accomplish a lot with just a few people, and one of the strengths of a SOC team is that it can draw on a range of different experts. Below is a list of just some of the different types of SOC team roles and a general description of what they contribute to the team:


*** This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by Greg Belding.