Educause Security Discussion mailing list archives
Re: Security Operations Center Management
From: Dennis Bolton <bolton () OAKLAND EDU>
Date: Wed, 3 Feb 2021 08:54:46 -0500
1) Does your organization have a formal Security Operations Center? *We have a Security Team, I hesitate to call us a "SOC" as resources (tools and time) limit or monitoring ability.* a. Is it fully staffed with internal resources? *Team is 3 staff (including myself) and between 1-2 part time students * b. Is it fully outsourced? *We augment with a Security Consulting Firm that provides support including scanning as well Prof. Services for infrastructure configuration but not a true SOC service.* c. Is it co-managed with a service provider? (above) 2) If you do not have a Security Operations Center is it on your roadmap * We continue to investigate, specifically for true 24x7 incident response but not in our immediate future* a. Are you planning to fully staffed with internal resources? *Unlikely, we would be able to get internal resources* b. Are you planning to fully outsourced? *Possibly* c. Are you planning to co-managed with a service provider? *Possibly* Not sure where to add this but we would be interested in a shared, community SNOC for 24x7 monitoring and alerting. Dennis Bolton Information Security Officer Oakland University Dodge Hall Rm 220 118 Library Drive Rochester, MI 48309-4401 248-370-4803 On Mon, Jan 25, 2021 at 5:47 PM Carlton, Cynthia < cynthia.carlton () rochester edu> wrote:
Good afternoon I’m working on doing a quick benchmarking survey on behalf of our CISO regarding SOC’s. I did find a previous posting regarding an annual SOC survey and am reviewing that dataset and report. However, we would like to try and benchmark as many Higher Ed and Academic Medical Centers as possible. I will be happy to share the results of what I collect if there is expressed interest. Please feel free to respond to me directly - Cynthia.carlton () rochester edu. Thank you in advance for your feedback! 1) Does your organization have a formal Security Operations Center? a. Is it fully staffed with internal resources? b. Is it fully outsourced? c. Is it co-managed with a service provider? 2) If you do not have a Security Operations Center is it on your roadmap a. Are you planning to fully staffed with internal resources? b. Are you planning to fully outsourced? c. Are you planning to co-managed with a service provider? The specific data we have been asked to report on was - how many other Academic Medical Centers and Universities have deployed a SOC and are they are doing it all in house or do they outsource some or all of it? *Cynthia Carlton* *Information Architect* *University of Rochester* *Desk:* 585-275-1068 *Email:* cynthia.carlton () rochester edu ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
Current thread:
- Security Operations Center Management Carlton, Cynthia (Jan 25)
- Re: [External] [SECURITY] Security Operations Center Management Kevin Wilcox (Jan 25)
- Re: [External] [SECURITY] Security Operations Center Management Foss, Henry L. (Jan 25)
- Re: Security Operations Center Management Marcelo Lew (Feb 02)
- Re: Security Operations Center Management Koppel, Lorna (Feb 02)
- Re: Security Operations Center Management King, Ronald A. (Feb 03)
- Re: Security Operations Center Management Dennis Bolton (Feb 03)
- Re: Security Operations Center Management Welch, Von (Feb 03)
- Re: Security Operations Center Management Rich Graves (Feb 03)
- <Possible follow-ups>
- Re: Security Operations Center Management Steve Doty (Feb 03)
- Re: Security Operations Center Management Christine Whalley (Feb 05)
- Re: Security Operations Center Management AJ (Westcliff) (Feb 19)
- Re: Security Operations Center Management Perez, Roberto (Mar 10)
- Re: Security Operations Center Management AJ (Westcliff) (Feb 19)
- Re: [External] [SECURITY] Security Operations Center Management Kevin Wilcox (Jan 25)