You should be, which is why you
should buy “Designing and Building a Security Operations Center”. What
is an operations center? Think of NASA, such as in a movie or real life for
that matter. So what about an SOC? A Security Operations Center deals more with
security than other operations of a business. You will have specialists, such
as people who deal with communications, telephony, and web services. But they
will be a team, with a manager and they will work together, rather than as just
one person. Although I think there may be instances in a very small business,
such as a web-based business where there is only one employee, who also is the
owner, and whatever else is needed. Many hats, one person. But as that person
expands in business, they will possibly have an SOC. If they don’t, I seriously
think they definitely should. Because when you have a business and sell
anything online, or even a physical, brick and mortar store, you still need
security. You have to protect your clients’ information.
There have been an awful lot of
stories in the news about businesses whose credit/debit card transactions were compromised, and
at least one even had the money rerouted to somewhere else. (Of course, I could
have misunderstood this story.) It went on for quite a while. I would think
they would have caught this long before they did. Where was the SOC then? Did
they even have one? Shame on them if they didn’t. I personally have no idea if
they did or did not have an SOC.
If you follow the directions in this
book, then you have no excuse for not having an SOC. In this book, there are
three appendixes. Each one serves a purpose. In Appendix A, you will see common
types of attacks, also entry points and threat vectors. Appendix B deals with
security devices, while Appendix C deals with the types of functions and services
you can utilize in an SOC. Copied and pasted from Appendix C:
Each service can be provided in one or more
of five categories:
• Network
• Host
• Application
• Data
• Intelligence
As you can see from the above list, this book is comprehensive
in dealing with an SOC. I recommend this book to anyone who is concerned with
security and would like to tighten up their security measures.