Educause Security Discussion mailing list archives

Re: Security Operations Center Management


From: Dennis Bolton <bolton () OAKLAND EDU>
Date: Wed, 3 Feb 2021 08:54:46 -0500

1)      Does your organization have a formal Security Operations Center? *We
have a Security Team, I hesitate to call us a "SOC" as resources (tools and
time) limit our monitoring ability.*

a.       Is it fully staffed with internal resources?  *Team is 3 staff
(including myself) and between 1-2 part time students *

b.       Is it fully outsourced? *We augment with a Security Consulting
Firm that provides support including scanning as well as Prof. Services for
infrastructure configuration but not a true SOC service.*

c.       Is it co-managed with a service provider? (above)

2)      If you do not have a Security Operations Center, is it on your
roadmap? *We continue to investigate, specifically for true 24x7 incident
response but not in our immediate future*

a.       Are you planning to be fully staffed with internal resources?
*Unlikely we would be able to get internal resources*

b.       Are you planning to be fully outsourced? *Possibly*

c.       Are you planning to be co-managed with a service provider? *Possibly*

Not sure where to add this but we would be interested in a shared,
community SNOC for 24x7 monitoring and alerting.


Dennis Bolton
Information Security Officer
Oakland University
Dodge Hall Rm 220
118 Library Drive
Rochester, MI 48309-4401
248-370-4803


On Mon, Jan 25, 2021 at 5:47 PM Carlton, Cynthia <
cynthia.carlton () rochester edu> wrote:

Good afternoon



I’m working on doing a quick benchmarking survey on behalf of our CISO
regarding SOCs. I did find a previous posting regarding an annual SOC
survey and am reviewing that dataset and report. However, we would like to
try and benchmark as many Higher Ed and Academic Medical Centers as
possible. I will be happy to share the results of what I collect if there
is expressed interest. Please feel free to respond to me directly -
Cynthia.carlton () rochester edu. Thank you in advance for your feedback!



1)      Does your organization have a formal Security Operations Center?

a.       Is it fully staffed with internal resources?

b.       Is it fully outsourced?

c.       Is it co-managed with a service provider?

2)      If you do not have a Security Operations Center, is it on your
roadmap?

a.       Are you planning to be fully staffed with internal resources?

b.       Are you planning to be fully outsourced?

c.       Are you planning to be co-managed with a service provider?



The specific data we have been asked to report on was - how many other
Academic Medical Centers and Universities have deployed a SOC and are they
doing it all in house or do they outsource some or all of it?





*Cynthia Carlton*

*Information Architect*

*University of Rochester*

*Desk:*   585-275-1068

*Email:*  cynthia.carlton () rochester edu



**********
Replies to EDUCAUSE Community Group emails are sent to the entire
community list. If you want to reply only to the person who sent the
message, copy and paste their email address and forward the email reply.
Additional participation and subscription information can be found at
https://www.educause.edu/community

