The Security Operations Centre’s relationship with the business
The basics – what is the organisation for?The first stage in ensuring the SOC meets the business needs is to identify the key business processes where IT is used, or where security is a potential issue.If there is already an IT division in the organisation, then that is a sensible place to start as they should have a list of services that they provide and an understanding of their criticality to the organisation.Another useful source of information is available if the organisation has undertaken any risk analysis, as the information from that may highlight the business priorities. However, these are only starting points and a more structured analysis of security issues will need to be undertaken at some point (eg looking at information security risks using the ISO 27005 standard).
Culture and capability – what can and will the organisation do?As well as knowing what the organisation needs in the way of security to meet organisational needs, you also need to understand the culture and capability of the organisation.
Want to keep
Coventry University online course,
Communication – influencing changeAs we mentioned above, it is not a one-way street, and the SOC is also responsible for taking a lead in security matters. In doing so, the SOC is responsible for helping to increase the security capabilities of the organisation and persuading the organisation to adopt a more security-aware culture. A key aspect of this is explaining the need for security in ways that align directly with organisational requirements and can be easily understood by people outside of the SOC. This is not always easy and, as discussed last week, having a business partner who is skilled in this can be very useful.
Education and trainingWhen we are explaining the need for a particular aspect of security we may find that the organisation is willing to accept the need, but does not have the capability. It is here that an often overlooked aspect of the SOC comes into play – that of education. It is rarely up to the SOC to deliver the training itself; however, the SOC is ideally placed to advise the organisation on the type of training that is needed to reduce the likelihood of security incidents.
ConflictIt is likely that at some point the operation of the SOC is going to come into conflict with a part of the operation of other parts of the business. This commonly happens when a control or monitoring system is implemented that has a negative impact on the performance of the other part of the organisation. Conflict of this type needs to be managed in a constructive manner and used as an opportunity for further communication between the SOC and the rest of the organisation.Having clearly defined processes and procedures that have been approved at board level are very useful in giving a framework to help resolve these disagreements. They are also essential at helping deal with emergency situations when a fast response is needed and you want the SOC staff to be able to react without fear of recrimination for their actions.It may not be possible to get the most secure IT system, but rather to get one that is appropriate for the organisation’s needs. This can sometimes seem as an unsatisfactory situation to those involved with the SOC, but it is more usefully seen as a challenge to have the SOC that is the best suited to that organisation as it is possible to be.
ReferenceBSI (2018) Information Technology. Security Techniques. Information Security Risk Management. [online] available from https://bsol.bsigroup.com/Bibliographic/BibliographicInfoData/000000000030372032 [30 July 2019]
Our purpose is to transform access to education.
We offer a diverse selection of courses from leading universities and cultural institutions from around the world. These are delivered one step at a time, and are accessible on mobile, tablet and desktop, so you can fit learning around your life.
We believe learning should be an enjoyable, social experience, so our courses offer the opportunity to discuss what you’re learning with others as you go, helping you make fresh discoveries and form new ideas.
You can unlock new opportunities with unlimited access to hundreds of online short courses for a year by subscribing to our Unlimited package. Build your knowledge with top universities and organisations.