Ready-to-use, prioritized Security Operations requirements to:
Administer and maintain security systems in the cybersecurity security operations center (CSOC) technology stack, including the security information and event management (SIEM) environment; OT and IT network intrusion detection systems (IDS); endpoint detection and response (EDR) tool; security orchestration, automation, and response (SOAR); cyber threat intelligence platform (TIP); and full packet capture (PCAP) servers across your service territory.
- If you have a help request system, does your help request system work with your security operations center?
- Does your organization have a formal security operations center or team that actively manages security incidents and events as they are generated?
- Do you have a need to build out a security operations center (SOC) or will you have a virtual SOC?
- Do you have the appropriate certification(s); for example, are you certified to security operations management system standards such as ISO 18788?
- Do you have a dedicated threat hunting platform for your security analysts?
- Does your system have a protocol to report threats or significant security concerns to appropriate law enforcement authorities?
- How does your organization coordinate BCM and security operations response to a breach?
- What level of security depth does your security operations staff possess, and for what support time frames?
- Do you have a 24×365 security operations center monitoring all systems for potential security issues?
- How long does it take your security operations team to investigate a threat?