The security operations center (SOC) plays a critical role in an enterprise organization’s efforts to protect their data from rapidly evolving cybersecurity threats. However, for a variety of reasons revealed in this report by the Ponemon Institute—based on a survey sponsored by Devo of more than 500 IT and security practitioners—organizations are frustrated with their SOC’s lack of effectiveness in performing its vital work.

As someone who began working in security operations centers (SOC) more than 30 years ago, back when we were known as computer incident response teams (CIRT), I am acutely aware of just how challenging it is to make a living as a SOC analyst. That’s why I’m so enthusiastic about the new Devo Security Operations Platform we launched recently.

A modern dynamic business needs to be proactive about their cyber security. A data breach can be costly, with latest estimates said to be (on average) £3.18 million, and reputational damage can be even harder to recover from. Hackers can strike at anytime from anywhere in the world, which means businesses have to be on guard 24/7. This is where the Security Operations Centre (SOC) comes in.

During the past year, we have witnessed significant data breaches that have impacted industries ranging from hospitality to legal to social media. We have seen a continuation of financially motivated threats, such as business email compromise (BEC), which continue to plague corporate bank accounts. Ransomware has brought multiple cities, schools and universities to their knees, earning threat actors significant funds.

In advance of the RSA Conference 2020, we wanted to get a pulse of attendees’ perceptions on a few topics, specifically challenges facing modern SOCs (security operations centers) and the value they are getting from technologies such as analytics, automation, and their SIEM tools. To get this, we fielded a series of questions to the Twitter-verse and received nearly 17,000 votes! After going through the results, we found a few interesting things…

In so many ways, speed is a security analyst’s best friend. From threat detection to containment to response – the faster you are, the more secure your business will be. It’s exactly why metrics like dwell time, MTTD (mean time to detect) and MTTR (mean time to respond) exist. It’s a barometer for the strength of your organization’s security, and a gauge of success for any good security team.

In the age of the digital world, owning a Security Operations Center (SOC) is vital for the cybersecurity of every organization. However, it is not necessarily true that every SOC is effective against cyber threats and attacks. The main reason behind this fact is a lack of standardized SOC frameworks. SOC framework requires a document to be designed to provide guidelines, requirements, and specifications in order to support cybersecurity operations effectively.

Hi, Let's take a look behind the scenes and find out how Security Orchestration Automation and Response (SOAR) solutions can have a positive impact on your security investigation and response efficiency. In this article, I'll also highlight how Phantom-mobile makes your life as the “officer on duty” a lot easier.

In cyberwarfare, cybersecurity threats and attacks are constantly expanding and evolving. Due to the sophistication and modern approaches used by malicious actors, security professionals in Security Operation Centers (SOCs) are unable to deal with critical threats as effectively and quickly as possible.

Organizations build a SOC – a dedicated, centralized team of security experts – to effectively detect and respond to advanced threats. However, as SOCs deal with evolving threats and an expanding attack surface, advancements in the stack have not kept pace and analysts are feeling the pain.