Tuesday, January 31, 2012

Do Utilities need a Security Operations Center (SOC)?

Of course, it's presumptuous for me to presume to know what would be best for any given utility. I can only work from generalizations of the industry as a whole, so please don't take this the wrong way.

But yes, I most certainly think they do. And a CSO as well. I support anything that can make security a more tangible, centralized, measurable and manageable enterprise function. But of course you already know that.

However, it's not just me. Read THIS, from Dark Reading. Before that, though, a couple of snippets you may find useful.

After you decide to create a SOC ...
A good next step is to create the position of chief security officer or chief information security officer to place responsibility in a single executive-level employee, says Doug Graham, a senior director of information risk management for EMC. Putting the responsibility for security in a single position can help focus an organization's security efforts.
And according to Nicolas Fischbach of London-based Colt Telecom Services ...
As the security initiative develops, a company will typically seek out better visibility into what is going on in its network. Many companies do not have a full inventory of their information assets, and embarking on a program to create a security operations center can be enlightening.
Fischbach also offers this zinger, which may be counterintuitive to some folks:
The first reason to have a SOC is not to do security enforcement, but to get visibility into your environment.
After all, you want to know your weaknesses before others find them ... which can lead to unhappy things like THIS.