What is a SOC and why do you need one?
Asked to imagine a typical SOC, most people will picture a physical facility with people at banks of computers, facing a wall of screens filled with network and system data: the sort of complex, expensive facility reserved for a tier-one bank, government organisations or NASA.
A SOC is a facility where security staff defend against breaches and identify and mitigate security risks. The analysts and security specialists staffing the SOC monitor everything from governance, risk and compliance (GRC) systems to intrusion prevention and detection systems to next-generation firewalls.
Although SOCs were once large and expensive, the proliferation of the cloud and of services supplied by third parties has made the technology more affordable. Just as security has become a more widespread concern, the SOC has become more accessible. Organisations of all sizes are at risk today and therefore need to implement better security measures.
A SOC is no longer needed only by the regulated sectors or by those handling sensitive data. Accessibility has also improved because a SOC no longer needs to be a physical facility. These days, the SOC can be virtual and its staff remote. Some organisations set up a managed or hybrid SOC, combining in-house people and tools with expertise from a managed service provider.