Sunday, 21 May 2017 Blog ehdf

In-House VS Outsourced Security Operations Centre (SOC)

The widespread and enthusiastic adoption of Cloud Computing by business enterprises – across verticals and geographies – is only the latest innovation of several layers of information technology, that have become indispensible and central to the modern enterprise. By their very nature, these technologies communicate and interact to enhance the portability of – and access to – data, applications, storage devices, networks and several other elements of technology. The sheer scale of empowerment and efficiency that these elements have introduced into work practices will, no doubt, continue to expand their adoption and functions. However, the connected and interactive nature of these technologies also creates security concerns that must be addressed too. Few disruptions can have as catastrophic an effect on a business as a security breach that compromises its IT infrastructure. Dramatic and prominently reported breaches and attacks have attracted a well-deserved focus on the ability of enterprises to anticipate, detect, contain and mitigate them. The constant evolution of innovative technology has introduced new vulnerabilities that cyber security solutions must account for.

A dedicated and focused Security Operations Center (SOC) is an excellent solution for many organizations. They enlist honed skillsets, organized teams with specific responsibilities, thoroughly structured procedures and experienced human resources to monitor, detect, analyze and enact the response of an enterprise, to security threats and breaches. The specific model and type of SOC a business chooses to rely upon is dependent on the needs, processes and day to day functions of each individual company.

In-House Vs. Outsourced SOC services

In-House SOC: The decision to go with an In-House SOC suits organizations for which the integrity of their data and specialized or customized processes is of primary concern. This priority may be driven by the sensitive nature of the information they process or in compliance with their industry regulations. Creating an In-house SOC minimizes the risk of the loss of critical data that the organization may be particular about. The implementation of an In-House SOC, that is robust and capable of handling threats, helps the organization develop capabilities and skillsets that give it complete control over security. However, there are also some downsides to an In-House SOC.

The roll out of an In-House SOC will involve a period of time when the service learns from its mistakes – not a luxury many enterprises can afford. It can take years to realize a return on the investment on an In-House SOC, by which time technology is likely to have evolved to enhance both solutions and threats. The Capex investment on several elements of an In-House SOC also adds another factor along with the ability to man it with resources on a 24/7 basis; something most organizations are not geared for currently. Also accessing multiple data feeds from a global perspective can be a limiting factor with an In-House SOC.

Outsourced SOC: For many organizations, going for an Outsourced SOC is a much more lucrative and effective solution. While creating an In-House SOC is capital intensive and requires the recruitment and building of substantial in house expertise, an Outsourced SOC enables the enterprise to immediately access the benefits of a professionally implemented service by leveraging the infrastructure, experience and full spectrum capabilities that the service provider brings to the relationship.

IT security service providers in UAE employ some of the best available talent in the market. Having dealt with numerous other clients and their infrastructure, an Outsourced SOC provider and their human resources have usually developed a much higher degree of expertise, coordination and experience than a dedicated SOC can muster. The nature of security concerns, while being of an ever evolving nature and consisting of several emerging threats, do tend to follow certain patterns and specifics that can be anticipated to a certain degree. A mature and experienced Outsourced SOC service provider has usually developed a considerable knowledge of existing threats and considerable intelligence regarding the trends and nature of emerging ones. Any reservations an enterprise might have regarding the post contract integrity of its data can be mitigated through the implementation of strict and comprehensive SLAs and choosing an established and a well-regarded player in the industry who see their reputation as the central currency of their success.

Conclusion

An In-House and an Outsourced SOC each constitute separate approaches and strategies to address security concerns regarding data and IT infrastructure integrity. While enterprises with particular concerns and regulatory compliance requirements may perhaps be better served by investing in an In-House SOC, several other enterprises stand to gain considerably by outsourcing their Security Operations to specialized and experienced Managed Service Providers.