5 Steps for Implementing an Effective Cyber SOCProVise Consulting's Aadesh Gawde Outlines Strategy for Success
Cyber SOCs, the next generation of security operations centers, need to use a new approach to detecting emerging attacks, says Aadesh Gawde, principal consultant at the Dubai-based IT risk consultancy ProVise Consulting, who offers implementation tips.
"Five years ago, a SOC was primarily a rule-based technology. But now it's impossible to write a rule and predict an attack," Gawde says in an interview with Information Security Media Group. "So the known attack surfaces have actually shrunk and there is a vacuum created for unknown attack surfaces."
CISOs need to take five key steps when implementing a cyber SOC, Gawde says. Those include:
- Assess the overall security maturity of the organization and the level desired;
- Size up the threat landscape;
- Select the appropriate technology;
- Choose an operating model;
- Create performance metrics.
In this interview (see audio link below image), Gawde also discusses:
- The length of the rollout process for a cyber SOC;
- Attacks not addressed by a cyber SOC;
- The evolving role for cyber SOCs.
Gawde is a principal consultant at ProVise Consulting responsible for driving the firm's consulting and security assurance portfolio. He also oversees the quality management and innovation functions at ProVise. Previously, Gawde worked at Ernst & Young, directing more than 150 IT advisory, risk and compliance projects as a project manager, subject matter expert and technical lead.