If you compare two companies that are similar in all of the key ways – size, industry, revenue – what would prevent one from appearing in the news due to a security incident and the other from avoiding this predicament entirely?
John Pescatore, longtime Gartner analyst and current SANS Institute director, has studied this question many times with colleagues and thinks he has the answer.
“It’s almost invariably the presence of a SOC (security operations center) or the maturity of a SOC,” he said. “That’s that the common denominator.”
Any business dedicated to growing its infosec stance is likely funneling the majority of funds to the operations side of the security house, where analysts are tasked with monitoring, detecting and responding to threats ranging from phishing to ransomware to rogue insiders – all with the hope that those actions will help reduce business damage when faced up against inevitable incidents.
But not everyone is finding the road toward SOC maturity obstacle free. So what is separating easy street from the boulevard of broken dreams?
To help shed some insight on the state of the modern-day SOC and how organizations are advancing, Siemplify commissioned the Cyentia Institute to survey hundreds of security operations professionals and query them on everything from the composition of their SecOps programs to who is handling which disciplines to how to achieve and measure maturity and success.
The result is “The Road to Security Operations Maturity: A Cyentia Institute Research Report,” a 26-page authoritative study. Use it to discover:
- The common size, roles and functions of security operations programs.
- Which works better: Tier- or team-based models?
- How to assess your SecOps maturity and pave a path forward.
- Recommendations for advancing your program amid current challenges.
The report, loaded with share-worthy statistics and trends that you can use in conversations with teammates and leaders, concludes with a list of practical best practices that fuse processes and human skills with capabilities and technology to help you pave a successful path forward.