Defining and Operationalising a SOC Target Operating Model Using the SOC–CMM
Security operations can be hectic. Running the SOC business includes dealing with continuous and ever–increasing event and alert flows, managing incidents, reducing false positives, and analysing and responding to threats. This is all in a day’s work. However, balancing operational activities with continuous improvement and managing SOC expectations and ambitions can be challenging.
In 2020, Gartner released a research paper on creating a SOC target operating model: Create a SOC Target Operating Model to Drive Success. This is an excellent piece of work that outlines the importance of creating a Target Operating Model (TOM) to provide strategic direction for the SOC. This strategic direction is crucial for obtaining long–term goals, supported by the right level of management within the organisation. This whitepaper explains how to use the SOC–CMM to define and operationalise your target operating model, introduces the SOC–CMM SOCTOM tool, and provides best practices and guidance for defining your SOCTOM.
finance des activités extraordinaires
renforce les liens et échanges entre les spécialistes de la sécurité
consolide son statut de référence auprès des décideurs
réunit les conditions pour maîtriser les risques en toute connaissance de cause