Why SOCs Fail

Today’s SOCs should have everything they need to mount a competent defense of the ever-changing IT enterprise. Yet most SOCs continue to fall short in keeping the adversary, even the unsophisticated one, out of the enterprise.

The deck is clearly stacked against the defenders. While the adversary must discover only one way in, the defenders must defend all ways in, limit and assess the damage, and find and remove adversary points of presence in enterprise systems. And cybersecurity experts increasingly recognize that sophisticated adversaries can and will establish lasting footholds in enterprise systems. If this situation were not bad enough, more often than not, we are our own worst enemy. Many SOCs expend more energy battling politics and personnel issues than they do identifying and responding to cyber-attacks. All too often, SOCs are set up and operate with a focus on technology, without adequately addressing people and process issues. The main premise of this infographic is that a more balanced approach would be more effective.

