This essay focuses on reviewing the plans for establishing an internal SOCC. It also covers how your selected best practices support the phases of the incident response process (i.e. Incident Detection, Containment, Eradication, & Recovery) and discusses the role that a Security Operations Center will play in making sure that incidents are handled and reported in an effective and efficient manner.
Week 6: Security Operations & Control Center Talking Points & Discussion
In your talking points, you should address how your selected best practices support the phases of the incident response process and discuss the role that a Security Operations Center will play in making sure that incidents are handled and reported in an effective and efficient manner.
Your “talking points” should be 3 to 5 paragraphs long (15 – 25 specific bullet points).
Your audience is a group of Sifers-Grayson executives who are reviewing the plans for establishing an internal SOCC. (Outsourcing the SOCC was considered, and that option was rejected.)
Provide in-text citations and references for 3 or more authoritative sources. Finally, include the reference list.
SOCs have typically been built around a hub-and-spoke architecture, where a security information and event management (SIEM) system aggregates and correlates data from security feeds. Spokes of this model can include governance, risk and compliance (GRC) systems, application and user and entity behavior analytics, and threat intelligence platforms (TIP).
The SOC reports to the CISO, who in turn reports to either the CIO or directly to the CEO.