Setting up a SOC in the Midst of a Pandemic

Setting up a new business is never easy. Ask any entrepreneur and they will tell you about the sleepless nights, long hours and endless anxieties along the way. But when starting a business in the midst of a global pandemic, each of these issues is magnified tenfold and there are numerous new challenges along the way. Despite this, it hasn’t put some business owners off starting up, even while the rest of the world is in lockdown.

Back in March last year, while Boris Johnson was announcing that the UK was heading into a national lockdown, cybersecurity firm Talion was in the process of completing a management buyout from BAE Systems.

BAE Systems initially founded its cybersecurity business in 2012, but in the spring of 2020, the commercial side of the business was the subject of a management buyout and Talion became an independent company. This meant that, as the rest of the UK was going into lockdown, Talion was homeless and just starting up.

Talion provides defense-grade cybersecurity services to some of the most highly targeted organizations in the world, which meant that while the company was transitioning out of BAE Systems, it needed to continue to maintain the highest levels of protection for its customers, as any downtime would have catastrophic consequences. The pandemic had also forced the company’s employees to work remotely, which meant that the whole process of establishing the new company had to be done virtually, without ever meeting in person. Not only did Talion need to establish a new HQ, it also needed to construct an entirely new security operations center (SOC) in a new location. However, with a stay-at-home order in place, this was going to have to be done remotely.

Here’s how they did it.

Setting up a Security Operations Center (SOC) Remotely

One of the biggest challenges Talion faced was ensuring its customers never suffered any loss of service while the transition was taking place. However, with COVID-19 causing an increase in cyberattacks and forcing businesses to digitally transform overnight, the stakes were higher than ever before. This added significant strain to the already pressured company, as any downtime experienced by customers could result in a successful cyberattack and untold damages to their business.

Another critical challenge was outages at its public cloud provider, Microsoft Azure. The pandemic had led to a surge in demand from enterprises for public cloud-hosted services, which caused outages and resulted in Microsoft having to cap some of its services. If Talion had been affected by the outages, it would have also resulted in downtime, which could then have a detrimental effect on its customers.

Talion identified Marshall’s Mill in Leeds for the company’s SOC site. The Mill, which dates back to 1791, is home to an impressive array of creative agencies and tech companies, and its premises were close to the University of Leeds, which offers degrees in cybersecurity, putting the company in close proximity to budding cybersecurity talent.

After identifying the new premises, Talion’s next challenge was migrating its existing SOC while ensuring its security monitoring service experienced zero downtime. Anyone who works in a SOC knows that it is the central hub of security, with rows of computers and big screens monitoring for cybersecurity threats as they occur. Only two people from Talion were allowed to visit the SOC during its construction, and they ended up mapping out where things would go using books and tape; they set up all the kit in the new location by themselves, which was no small feat!

Fortunately, the process was a huge success and they did not suffer any downtime. In fact, the company’s customers were not even aware they had been migrated to the new SOC, which was a major compliment to receive and highlighted there was no compromise in security while the transition was taking place.

A New SOC: Onward and Upward

While this was undoubtedly an unusual situation for a company, it does highlight how technology has been the biggest enabler throughout the pandemic and that, even while the world was in lockdown, people and businesses carried on.

The Talion team are now running a robust yet agile service, keeping their global customer base safe. However, with the pandemic ongoing, it will be a long time before they make full use of their newly established SOC, as social distancing is still forcing the majority of their employees to work from home.

So, what were the key lessons learned? First, try to avoid setting up a new company in the midst of a global pandemic! Second, nothing is impossible, even when the odds are against you. And third, you need a team of very capable engineers, who you trust completely to get the job done as you cannot control the curveballs being thrown at you without them.

Keven Knight

Keven Knight is Chief Operating Officer & Co-Founder of Talion. Keven led the opportunity to divest the commercial cyber security division from BAE Systems Applied Intelligence. As Chief Operations Officer, Keven oversees the Talion product portfolio, client services, and operational delivery. Prior to Talion, Keven played a pivotal role with BAE Systems for seven years where he managed and grew the Enterprise Managed Security Service business and positioned it as a leader in the MSSP market. Keven comes from a strong Service Delivery background, developed and enhanced through blue chip organisations such as IBM, ICI, and AT&T. With a history of designing and implementing global delivery models and projects, Keven leverages his wealth of experience to ensure a modern, agile, and collaborative approach to the customers that Talion serves.