Chapter 4. SOC Strategy
“Study the past if you would define the future.”—Confucius
The output of the security operations center (SOC) assessment exercise, described in the preceding chapter, should provide you with a good understanding of your SOC objectives and your current security operation capabilities. This chapter describes how to craft a SOC strategy. The chapter also covers different SOC operation models and weighs the values of each approach. As the chapter concludes, you learn how to align the SOC strategy with a roadmap document so that the execution of the strategy can be monitored during the lifecycle of the SOC operation.
The first step in developing a SOC is to formalize a strategy. Let’s start by looking closely at how to create ...