Ten Strategies of a World-Class – Cybersecurity Operations Center
Today’s cybersecurity operations center (CSOC) should have everything it needs to mount a competent defense of the ever-changing information technology (IT) enterprise. This includes a vast array of sophisticated detection and prevention technologies, a virtual sea of cyber intelligence reporting, and access to a rapidly expanding workforce of talented IT professionals.
Yet, most CSOCs continue to fall short in keeping the adversary—even the unsophisticated one—out of the enterprise. The deck is clearly stacked against the defenders. While the adversary must discover only one way in, the defenders must defend all ways in, limit and assess damage, and find and remove adversary points of presence in enterprise systems. And cybersecurity experts increasingly recognize that sophisticated adversaries can and will establish lasting footholds in enterprise systems.