security operations

March 11, 2020

SECURITY

Are You Going About the Talent Shortage Wrong? It’s Time to Stop MacGyvering

We all know the stats. The security workforce shortage is impacting two-thirds of organizations, while the gap — currently at 4 million — continues to grow. Security teams are short-staffed, to the point where 25% say the inability to keep up with the workload is a root cause of security incidents…

October 3, 2019

SECURITY

Threat Hunting: How to Gain the Most Value

By Sean Mason, Director of Cisco Incident Response Services, and Jeff Bollinger, Investigations Manager, Cisco Security Incident Response Team (CSIRT). As security practitioners who continuously look for adversarial malice, one of the questions we are asked frequently is: What’s around the corner? Threat…

February 5, 2019

SECURITY

So You Want to Build a SOC: Foundations for Your Security Operations Team (Part 1)

As security consultants, we go into an extraordinary array of organisations’ security environments, all with very differing levels of maturity. Our clients consistently state a common desire: “We need a SOC.” Building a SOC doesn’t present a problem for Cisco’s Security Advi…

July 27, 2017

SECURITY

Black Hat USA 2017: Cisco Umbrella Joins the NOC

Cisco Cloud Based Security in the SOC. Black Hat USA marked its 20th anniversary this year. The members of the NOC management showed me photos of the original NOC: a single router in a closet. The NOC has grown with the conference into a well-managed team of experts from around the globe, from vario…

February 20, 2017

SECURITY

A Comparison of SOC Models for Today’s Need of Monitoring & Detecting the Latest Cyber Threats

At Cisco, we are often asked to take a vendor agnostic approach when developing a Security Operations Center (SOC) strategy, and as such, we must consider the importance of distinguishing between the various types of SOC models in today’s demanding security needs. However, before explaining the vari…

November 7, 2016

SECURITY

Is Your Race to SOC Headed for an Epic Crash?

Before You Take Off, Get Up To Speed on These Six Precursors to Incident Response. It seems most advice on setting up a Security Operations Center (SOC), or creating a Computer Security Incident Response Team (CSIRT), focuses on people, technology or processes. Unfortunately, such advice may also in…

October 26, 2015

SECURITY

Active Threat Analytics: Easing the Burden of Threat Management

In Greek mythology, Sisyphus was a trickster king cursed with the eternal torment of fruitless labor. As punishment for his hubris and wile, Zeus condemned this hapless figure to the unending task of pushing a boulder up a mountain. Once he reached the top, the boulder would fall back down. And he w…