Implementing an SOC is the current trend, often tied to the goal of overarching synergies: in the future, the various auditing and monitoring goals, tasks and requirements are to be handled by just one central division, at optimal personnel and cost levels thanks to that synergy.
The topic of the SOC is therefore becoming increasingly important, and it brings new requirements with it, including, among other things:
> Implementation of the SOC: Decision about “internal or external?”, “Europe or even Bangalore?”
> Operation of the SOC: a cost-optimal SOC team that does not require CSOs, CIOs and other leadership levels to be woken at night to clarify irrelevancies or false alarms,
> Fulfillment of all substantive hopes and expectations, namely actual top-level effectiveness in protecting the company, since in the future your SOC will be the only one that is watching, as well as
> Fulfillment of all regulatory expectations.
Overall, building an SOC is no easy task if the result must not be a “paper tiger”: professional attacks and offensives, policy violations, etc. have to be actually detected and alerted on, and all regulatory authorities have to be satisfied at their next onsite visit.
Where does the high responsibility come from? The merging of departments outlined above also eliminates the redundancy that until now had produced a sufficient detection rate: if one division did not notice something, the other might have been in a position to do so. If there is only the one SOC, it becomes the Achilles’ heel of all company-wide security measures, and the company is reliant on its 200% effectiveness.
The openly stated SOC requirements are therefore:
> You have to know what is important and even critical.
> You must have a lasting understanding of ALL of your platforms.
> You must be in a position to lastingly break down the complexity of all important detailed topics so that the SOC team can work optimally or sensibly, in particular when it is located offshore.
Are you asking yourself which partner you can rely on to master the z/OS-related SOC topics? Us! We know the mainframe inside out, we have developed unique, far-reaching monitoring solutions, we have coupled our solutions to all leading SIEM solutions, and we have thoroughly mastered the “intellectual requirement” of the SOC context for the mainframe.
Feel free to contact us if you are looking for an experienced partner to accompany your SOC implementation and it also includes the mainframe.