Intelligent CIO Middle East Issue 76 | Page 44

CIO OPINION
The SOC of the future will be increasingly data-driven, ingesting information from multiple sources within and outside the enterprise, but data without context or relevance simply overwhelms analysts.
Firas Ghanem, Regional Director – Middle East and Pakistan, ThreatQuotient

State of the SOC: Skills shortages, automation and gaining context remain a challenge

As security operations centres (SOCs) look to the next phase, focusing on people, data and the technology that enables the two to work effectively together is key. Firas Ghanem, Regional Director – Middle East and Pakistan, ThreatQuotient, tells Intelligent CIO Middle East how SOCs can drive improvements while keeping analysts engaged and giving them more time to upskill into key areas such as threat hunting.

The security operations centre (SOC) has been on the front line facing the pandemic-induced escalation of cybersecurity threats in the past 18 months. A 2020 study by Forrester found that the average security operations team receives more than 11,000 alerts per day and that figure is likely to have grown in the intervening period. While they were deeply engaged responding to the crisis, SOC teams were simultaneously facing the disruption common to all formerly office-based workers. They were switching to remote working and learning how to continue collaborating successfully with colleagues at a distance.

As SOCs take stock of the changes and challenges of the past year, it is an opportune moment to explore some of the factors that characterise the modern SOC, and the common issues experienced in this crucial sector.
The SANS 2021 Survey: Security Operations Centre (SOC) does just that in its fifth annual survey. By