
5G/SOC: The NOW of security operations

‎05-20-2013 09:35 AM - edited ‎09-16-2015 01:58 PM

Today, most enterprises have some sort of security operations. Some are basic, with a couple of security analysts monitoring the network in a best-effort manner, while others may have state-of-the-art security operations centers (SOC). These capabilities usually evolve over years or decades depending on the needs of the organization—those that need more security have more security. We noticed this trend and decided to document this evolution in our newly published whitepaper "5G/SOC: SOC Generations".

 

In my recent interview with Jesse Emerson, Director, Security Operations and Intelligence Consulting (SIOC) services, he says, "We've noticed companies making a buzz about 'Next Generation SOC' -- we asked ourselves the question: 'what generation are we in now?'"

 

This is the question I want to ask you today: what generation are YOU in now? This whitepaper revisits the early days of SOC and documents the journey to today's leading SOCs, or as we call it: the 5G/SOC. I encourage you to read it and take a closer look at where you are. The whitepaper also highlights the major developments in security operations centers that were driven by technology enhancements and examines new tools as well as the sophistication of attacks.

 

"Our consultants in the HP Security Intelligence and Operations Consulting team have been working in the Security Operations Center field for well over a decade," Emerson says. "We've seen the 'SOC' be reinvented several times over, and today's leading SOCs are doing things we only dreamed about 10 years ago."

 

SOC Generations: An evolution over three decades

By defining the generations of SOC, we can make predictions about the latest evolution—5G/SOC or the “NOW of security operations”. This is not to say that all enterprises are running at the 5G/SOC level. It is an evolutionary process within a company. Organizations must utilize the tools of previous generations to build basic security operations capabilities, creating a strong foundation to begin incorporating the trends, data sources and goals of a 5G/SOC.

 

HP has defined the SOC generations as:

1st Generation SOC: 1975-1995

         Nuisance programs and minimally impacting malicious code era

2nd Generation SOC: 1996-2001

         Malware outbreak and intrusion detection era

3rd Generation SOC: 2002-2006

         Botnets, cybercrime, intrusion prevention and compliance era

4th Generation SOC: 2007-2012

         Cyberwar, Hacktivism, APT and exfiltration detection era

The 5G/SOC: 2013-?

         Analytics and Big Data, Intelligence-driven methodology, Information sharing, Human adversary approach

 

Today’s leading SOCs are proactive

"Companies have a wide range of definitions for a SOC, ranging from basic alert processing teams to security device management services to glorified compliance teams to advanced and integrated cyber defense teams. Today's leading SOCs are data-driven and proactive, constantly analyzing and setting traps for adversaries. Today's SOCs not only respond to attacks in progress, but understand the marketplace of the adversary, their motivations and means, to provide risk-appropriate security intelligence and protective measures to their organizations," says Emerson.

 

HP Enterprise Security helps enterprises evolve their security operations from their current operating level to the 5G/SOC. We accomplish this by helping you implement the proper:

  • Tools
  • Data feeds
  • Process around breaches
  • Training of security experts

 

We tie it all into your specific business goals, environment and operations.

 

"Read the reports; the breaches that we find out about are going hundreds of days without detection. Most of these are not detected by the compromised organization. Enterprises are breached and they need to advance to 5G/SOC capabilities to find these breaches and determine the level of compromise. Operating with outdated ideas about SOC capabilities is short-sighted and a tremendous risk," says Emerson.

 

Check out the full whitepaper here: "5G/SOC: SOC Generations"

About the Author

Kerry_Matre
