The Noggin Blog

Unpacking the Role of the Security Operations Centre (SOC)

Posted by The Brain on Sep 22, 2020 3:53:04 PM

Buildings, sites, plants and equipment, materials, and other physical assets remain some of the easiest targets for malicious actors. And when surveyed, security professionals usually despair at their organisation’s inability to protect them.

Why’s that? Under-investment in physical security management has left these larger and (usually) older assets dangerously vulnerable to compromise. What can be done? Well, Security Operations Centres (SOCs) give organisations a chance to improve their operational security posture and better secure people and property.

Security Operations Centres can vary. But broadly speaking, an SOC provides a platform for detecting and reacting to security incidents. The SOC itself is typically a facility that houses an organised, highly skilled security team. That team relies on sophisticated technology and well-honed processes to achieve top-line security objectives.

The Security team responsible for carrying out the core mission usually consists of the SOC manager who heads up operations, engineers, and security analysts. The team also works closely with the organisation’s Crisis, Emergency Management, and Business Continuity teams to coordinate responses to physical security incidents that become critical events.

The primary task the SOC discharges is regularly monitoring and analysing the organisation’s security posture. Drilling down, the SOC detects, investigates, responds to, and reports on security incidents.

What about strategy? The SOC is an operational unit. That means it’s not responsible for developing security strategy. The SOC is set up to continuously manage known and existing risks and threats. And those responsibilities don’t cease when the traditional office closes down, which is why most SOCs are open around the clock.

The benefits of this centralised security arrangement should be clear. It’s widely understood that advanced equipment and technology alone aren’t sufficient to achieve high-level security goals. If they were, security incidents would have become far fewer as security spend went up.

That hasn’t happened. What’s stemmed the tide, instead, has been a focus on mitigating risks and improving incident preparedness and response via a security apparatus specifically dedicated to preventing damage, theft, and intrusions, as well as protecting people.

And that’s what SOCs do so well: consolidate security expertise and reporting into one centralised location. SOCs collate physical security data from the field, to furnish a real-time picture of security threats and vulnerabilities. This centralising approach cuts against the usual security siloing that you see in enterprise security management.

Why? SOCs tend to provide clear gains in visibility and in situational awareness of security incidents. Also, when incidents occur, SOCs help communicate to and interface with other parties in the business who need to be on high alert if a breach does happen, e.g. Legal and PR.

Finally, in recent times, lawmakers and national regulators have moved in aggressively to mandate baseline security measures, especially in the critical infrastructure sector. Robust SOCs and related practices go a long way towards ensuring compliance with those mandates. They also do much to attenuate the reputational damage of physical security incidents that do occur, by demonstrating your organisation’s longer-standing dedication to the most stringent security incident prevention measures.

But operating an SOC can be a challenge. To better understand those challenges and the technology solutions best equipped to overcome them, download our guide to operating a Security Operations Centre.


Topics: Security Management, Security Newsletter

