Protect Your Assets
Showing results for 
Search instead for 
Do you mean 

Characteristics of a successful SOC

HPE-SW-Guest ‎07-10-2014 11:00 AM - edited ‎09-16-2015 04:19 PM

First, do you know the fastest path to building a capable security operation center (SOC)?


HP’s State of Security Operations 2014 report found that it is actually suffering through a public breach. When a company experiences that financial loss or brand damage to their organization, they finally have a business case to invest in the proper enterprise security infrastructure.


This reactive model cannot continue and it cannot be your strategy for dealing with ever-evolving cyber threats. With the cost of data breaches increasing by 78 percent over the last four years, not investing in a capable SOC is simply bad business. HP’s study found that only seven out of ten organizations are meeting business goals and compliance requirements, and that is just too much low-hanging fruit for the cyber bad guys.


Building a successful SOC

So you’re convinced it’s time to go forward and bulk up your cyber defense infrastructure, but what does a successful SOC even look like? HP has accumulated the largest dataset of its kind to answer that exact question. Here are the top 10 do’s and don'ts of a successful SOC:

Of course sometimes these things are easier said than done, as HP found using the Security Operations Maturity Model (SOMM) (which allowed for a consistent way to measure the evolution and progress of a SOC using a 5 point scale). HP found that it usually takes organizations with a funded and dedicated effort, leveraging an existing framework and expert consulting, 1 year to reach an aggregate maturity score of 2.0, two years for a 2.5, and three years for a 3.0. However, those organizations that chose to build a SOC independent of an existing framework or experienced program management have a hard time reaching and maintaining a level of 1.7, with the average enterprise having an aggregate score of 1.63. 


Digging deeper into the 4 components of the SOMM scores (people, process, technology, and business) reveals another story. Organizations have more technology maturity than they do in the people and process dimensions, with average scores of 1.8 and 1.5 respectively. This is not surprising, considering most companies focus on a technology solution without putting the proper effort into the people and process aspects of cyber defense. Cyber criminals are becoming increasingly more sophisticated and putting more demand on our organizations in order to adopt a compressive approach to their SOC deployments, one that covers all dimensions of the SOMM score.


The good news, is HP’s security intelligence and operations consulting (SIOC) team can get your organization up and running fast with one of the most advanced 5G/SOCs in the world. Our SIOC team has built more enterprise security operation centers than anyone in the world. HP also runs its very own Cyber Defense Center, which has the 2nd largest implantation of ArcSight in the world. With decades of front-line experience, and our very own SOC, we are able to accelerate security advances and continually feed them back into our consulting practice--keeping our customers at the cutting edge of cyber security.

0 Kudos
About the Author


This account is for guest bloggers. The blog post will identify the blogger.

27 Feb - 2 March 2017
Barcelona | Fira Gran Via
Mobile World Congress 2017
Hewlett Packard Enterprise at Mobile World Congress 2017, Barcelona | Fira Gran Via Location: Hall 3, Booth 3E11
Read more
Each Month in 2017
Software Expert Days - 2017
Join us online to talk directly with our Software experts during online Expert Days. Find information here about past, current, and upcoming Expert Da...
Read more
View all