Chapter 4. SOC Strategy

“Study the past if you would define the future.”—Confucius

The output of the security operations center (SOC) assessment exercise, described in the preceding chapter, should provide you with a good understanding of your SOC objectives and your current security operation capabilities. This chapter describes how to craft a SOC strategy. It also covers different SOC operation models and weighs the value of each approach. As the chapter concludes, you learn how to align the SOC strategy with a roadmap document so that execution of the strategy can be monitored during the lifecycle of the SOC operation.

The first step in developing a SOC is to formalize a strategy. Let’s start by looking closely at how to create ...
