Episode 2 of “SOC Quarantine Diaries” welcomes Rod Arthur, a Level III SOC engineer at business process services company Conduent, for insight from someone on the front lines of threat detection and response as businesses take on new cyber-risks from COVID-19. (Hint: Experience pays off.)
3:30: The strain on connectivity caused by VPNs and adjusting firewall rules.
6:20: Why alerts have risen and the need to address a “flood of false positives.”
15:40: An increase in ransomware attempts during the COVID-19 crisis.
19:50: What does a shift to more remote workers mean for security operations?
21:35: Dealing with users working remotely, but not necessarily from home.
25:00: The value of automation in the SOC.