Christopher Rodman, Breanna Kraus, Justin Novak (SEI/CERT)

Organizations come in all shapes and sizes, serve myriad purposes, and exist in different security environments. But they all have one thing in common: they need security operations. How should an organization determine which services and functions its Security Operations Center (SOC) should provide? This paper identifies five factors that influence an organization’s SOC service priorities. It then describes a workflow that complements standard security frameworks to efficiently determine and prioritize the services that a SOC should perform for an organization. The services that the SOC offers should complement the organization’s overall cybersecurity program and align with higher level cybersecurity assessment frameworks, such as the National Institute of Standards and Technology Cybersecurity Framework. The workflow is repeatable and can be used regularly to evaluate whether SOC services continue to align with an organization’s priorities in a changing world. This work will interest those responsible for the design, coordination, and implementation of security operations teams in organizations of any size.

View More Papers

DRAINCLoG: Detecting Rogue Accounts with Illegally-obtained NFTs using Classifiers...

Hanna Kim (KAIST), Jian Cui (Indiana University Bloomington), Eugene Jang (S2W Inc.), Chanhee Lee (S2W Inc.), Yongjae Lee (S2W Inc.), Jin-Woo Chung (S2W Inc.), Seungwon Shin (KAIST)

Read More

SURGEON: Performant, Flexible and Accurate Re-Hosting via Transplantation

Florian Hofhammer (EPFL), Marcel Busch (EPFL), Qinying Wang (EPFL and Zhejiang University), Manuel Egele (Boston University), Mathias Payer (EPFL)

Read More

Connecting the Dots in the Sky: Website Fingerprinting in...

Prabhjot Singh (University of Waterloo), Diogo Barradas (University of Waterloo), Tariq Elahi (University of Edinburgh), Noura Limam (University of Waterloo)

Read More

Sharing cyber threat intelligence: Does it really help?

Beomjin Jin (Sungkyunkwan University), Eunsoo Kim (Sungkyunkwan University), Hyunwoo Lee (KENTECH), Elisa Bertino (Purdue University), Doowon Kim (University of Tennessee, Knoxville), Hyoungshick Kim (Sungkyunkwan University)

Read More