security operations
Are You Going About the Talent Shortage Wrong? It’s Time to Stop MacGyvering
We all know the stats. The security workforce shortage is impacting two-thirds of organizations, while the gap — currently at 4 million — continues to grow. Security teams are short-staffed, to the point where a 25% say the inability to keep up with the workload is a root cause of security incidents…
Threat Hunting: How to Gain the Most Value
Sean Mason, Director of Cisco Incident Response Services and Jeff Bollinger, Investigations Manager, Cisco Security Incident Response Team (CSIRT) As security practitioners who continuously look for adversarial malice, one of the questions we are asked frequently is: What’s around the corner? Threat…
So You Want to Build a SOC: Foundations for Your Security Operations Team (Part 1)
As security consultants, we go into an extraordinary array of organisations’ security environments, all with very differing levels of maturity. Our clients consistently state a common desire: “We need a SOC.” Building a SOC doesn’t present a problem for Cisco’ Security Advi…
Black Hat USA 2017: Cisco Umbrella Joins the NOC
Cisco Cloud Based Security in the SOC Black Hat USA marked its 20th anniversary this year. The members of the NOC management showed me photos of the original NOC: a single router in a closet. The NOC has grown with the conference; into a well-managed team of experts from around the globe, from vario…
A Comparison of SOC Models for Today’s Need of Monitoring & Detecting the Latest Cyber Threats
At Cisco, we are often asked to take a vendor agnostic approach when developing a Security Operations Center (SOC) strategy, and as such, we must consider the importance of distinguishing between the various types of SOC models in today’s demanding security needs. However, before explaining the vari…
Is Your Race to SOC Headed for an Epic Crash?
Before You Take Off, Get Up To Speed on These Six Precursors to Incident Response It seems most advice on setting up a Security Operations Center (SOC), or creating a Computer Security Incident Response Team (CSIRT), focuses on people, technology or processes. Unfortunately, such advice may also in…
Active Threat Analytics: Easing the Burden of Threat Management
In Greek mythology, Sisyphus was a trickster king cursed with the eternal torment of fruitless labor. As punishment for his hubris and wile, Zeus condemned this hapless figure to the unending task of pushing a boulder up a mountain. Once he reached the top, the boulder would fall back down. And he w…
1