QOMPLX Operations: The 4Ps of SOCs Part 2: Process

This is the second in a series of publications we’re calling “QOMPLX Operations.” These posts are intended to provide security practitioners with best practices and insights needed to build effective, robust security operations center (SOC) teams. To learn more, download our free reports!

In 2013, big-box retailer Target became the victim of a massive compromise of its point-of-sale (POS) network. Altogether, credit card information on 110 million Target customers was stolen in the breach. Target ended up paying $18.5 million in a settlement with Attorneys General in 47 states and the District of Columbia.

Behind the headlines about Target lay a cautionary tale. Subsequent reporting revealed that detection tools used by Target and a managed service provider had, in fact, alerted staff early on that an incident had occurred. Furthermore, that incident was isolated and even escalated by staff. Still, no further action was taken to investigate the incident. In other words, at some point, the process of incident escalation used by Target faltered, with disastrous consequences for the firm.

Target's story underscores the critical importance of establishing effective processes within your security operations center. It also reminds us that organizations face a multi-level challenge: from translation of cybersecurity monitoring actions, to risk assessment, to risk quantification and communication, to prioritization of risk mitigation and response actions.

In this second installment of our QOMPLX Operations series, we're digging into the tricky question of what makes effective SOC processes and how organizations can set themselves up for success by creating effective, responsive SOC processes that actually reduce risk.

You can download "The Four Ps of SOCs Part 2: Process" here. Registering will give you access to all four reports in the series.
