SecOps, formed from a combination of security and IT operations staff, is a highly skilled team focused on monitoring and assessing risk and protecting corporate assets, often operating from a security operations center (SOC).
SecOps benefits and goals
Security and IT operations teams often work apart from one another, making the task of identifying cybersecurity threats and defending against them — or, if they turn into attacks, mitigating them — incredibly difficult. Combining security and IT operations into a dedicated SecOps team enables organizations to rapidly and intelligently predict and address security concerns.
SecOps has the following business benefits and goals:
continuous protection;
a quick and effective response;
decreased costs of breaches and operations;
threat prevention;
security expertise;
compliance;
communication and collaboration; and
an improved business reputation.
Key roles on a SecOps team
There are five key roles every SecOps team needs:
incident responder
security investigator
advanced security analyst
SOC manager
security engineer/architect
What does a security operations center do?
A SOC is a command center facility for the SecOps team. While the SecOps team might interact with other teams or departments, it is typically self-contained with highly skilled personnel (internal or outsourced). Most, but not all, SOCs operate 24/7 with SecOps teams working in shifts to log activity and mitigate threats.
Organizations can choose to deploy one of four SOC models:
a virtual SOC that operates online and is managed by staff or third-party SecOps professionals;
a multifunction SOC that has a dedicated physical space, but the internal team running the SOC is shared, working on SecOps and other IT tasks;
a hybrid SOC in which staff, third-party contractors or a mix of the two perform SecOps tasks full time or part time in a dedicated facility, a virtual space or a combination of both; and
a dedicated SOC with an internally staffed physical space that operates around-the-clock and is solely focused on SecOps functions.