The Traditional SOC Is Dead, Long Live the Remote SOC

If you haven’t read our 2021 Cybersecurity predictions blog and whitepaper, I recommend that you do. In it, you’ll find one prediction that might be somewhat controversial—the death of the Security Operations Center (SOC).

I wanted to delve a little deeper into this particular prediction, as it is pretty close to my heart. I run IntelliGO’s Threat Hunting team and what would historically have been called our SOC.

The concept of the traditional SOC is dying off, and in 2021 we will see the broader acceptance and adoption of the idea of a remote SOC, driven by the realities of technological development and the necessities imposed by the pandemic.

This change has implications for what makes up the SOC as well as the capabilities of threat hunters. And it’s a change that IntelliGO is uniquely prepared not just to embrace but to lead, given the unique situation we found ourselves in, having adopted a geographically distributed SOC early.

The Death of Our SOC

Our big plan for 2020 was the rapid reformation of IntelliGO’s SOC. This change was due to a unique combination of factors, including our recent acquisition by ActZero, which meant that we now had security experts working quite far apart from one another. Our collaborative culture meant we needed to find and optimize the best ways to work together. As the head of Operations, I was tasked with coming up with a Disaster Recovery (DR) strategy that allowed our threat hunters to service their clients from anywhere.

Then came the pandemic.

And, as with so many companies, the necessities of the pandemic accelerated what we were already moving towards. So, in some sense, we were lucky that we’d already been laying the groundwork for these changes. But luck also favors the prepared. While we

*** This is a Security Bloggers Network syndicated blog from IntelliGO MDR Blog authored by Jennifer Mitchell.