Solar: Security Operations Center Maturity Assessment (SOC)

Main article: [IT outsourcing IT outsourcing|https://www.tadviser.ru/index.php/Статья: IT outsourcing IT outsourcing]

2024: Security Operations Center (SOC) Maturity Assessment Service Presentation

Solar Group of Companies July 18, 2024 introduced the service "Assessment of maturity Security Operations Center SOC ()." It is intended for Enterprise companies and state structures that already have their own monitoring centers, and INFORMATION SECURITY allows you to identify growth points and the main directions of development of the internal SOC. In pilot mode, the service has already been implemented in and -. retail creditfinancial industries

Having your SOC has already become the norm for many large companies and government agencies. At the same time, a high workload of operational tasks may prevent them from assessing the state of their own monitoring center and planning its further development. In such cases, an independent view of SOC operation is needed to assess process performance, identify growth points and unlock its full potential.

Maturity assessment is carried out according to its own methodology, based on the best world brands, taking into account the individual goals of the customer and the practice of Solar in ensuring cyber protection of the largest Russian companies and government agencies. The analysis will be carried out by experts with many years of experience in operating the largest commercial SOC in the Russian Federation (Solar JSOC), as well as skills in building and modernizing SOC for leading organizations from various sectors of the economy.

Diagnostics are carried out in three directions:

• Functions - assessment of information security monitoring processes, response quality and investigation of information security incidents, system support of SOC hardware, external communications and development of SOC itself.
• Technologies - assessment of the state and practical application of technical means for detecting, responding to and predicting information security incidents.
• Personnel - assessment of the personnel required for the efficient and well-coordinated work of the center.

The implementation of the service takes from one to two months. As a result, the company will receive two reports: a brief one for management and a detailed one for experts. Both include an assessment of the maturity level for both SOC as a whole and for each discipline, as well as recommendations for the development of the information security monitoring center.

We have created a tool that will help companies and government agencies assess the current state of SOC and identify gaps that can further negatively affect the quality of its work. When conducting a regular assessment, the service will also allow you to control the development of the center in dynamics. As an architect of integrated cybersecurity, we are already helping companies improve and maintain their SOC and comprehensive information security system, "said Yaroslav Napalkov, head of methodology and consulting at Solar JSOC Solar Group.