Historically, Security Operations Centres (SOCs) have been adopted by very large enterprise organisations as a centralised function to deliver cybersecurity event monitoring, threat detection and response.
As cyber threats are increasing in frequency and severity; modern organisations of all sizes are now realising that it is no longer a matter of if but when they will face attack. It is more likely than ever that they will suffer a breach as a result, stemming a shift from prevention only to a more proactive prevention and detection approach – under the control of a SOC.
To build and run a SOC in-house however, the cost of entry remains high. A DIY approach could easily represent a minimum £1 million annual investment.
This paper discusses the different types of SOC Models, their pros and cons, and offers guidance on how to selecting a SOC model that suits your organisation.