July 3, 2016

Security Operations Centre – Design and Build

Today most organisations have a business requirement to perform proactive monitoring of their infrastructure to detect and respond to security attacks. We offer services to help organisations build a Security Operations Centre (SOC) capability, with a comprehensive approach to defining the business drivers for such a capability, designing the services that will be delivered by the SOC, and developing the processes and procedures that the SOC will operate with.

CyberRisk’s experienced security operations consultants can help you understand your business requirements and define your use cases, perform the necessary planning, design infrastructure, establish service catalogue definitions, document processes, and assist with the configuration of your SOC infrastructure and tooling.

CyberRisk can also assist with selecting the technology that best fits the organisation’s monitoring requirements, in addition to providing log data on-boarding to Security Information and Event Management (SIEM) platforms, configuration of alerting and development of monitoring dashboards.

Additionally, CyberRisk has experience in assisting organisations that choose to outsource some of their security monitoring needs to a third-party Managed Security Service Provider (MSSP) and can provide consulting support throughout the process. CyberRisk offers support services to clients who are looking to run a Request For Proposal or Request For Quotation process, where we will work with you to define your MSSP service requirements, evaluate vendor proposal responses, and review proposed MSSP service and support agreements to make sure that your organisation is receiving a service that meets your needs and represents value for money, and that the support terms offered by the chosen MSSP are reasonable.

CyberRisk Value

We can provide answers to the following questions:

  • Are you being proactive in monitoring your environment to help defend against security threats?
  • How mature is your security operations capability compared to other organisations of similar size?
  • Are you collecting the right type of logs to provide the visibility required to detect malicious activity?
  • Do you have the right tooling in place to enable your team to see, identify, and act upon threats in your environment?
  • Are the process workflows in your security operations capability designed in the most effective way?
  • How can your SOC or Security Operations team achieve efficiency improvements?