Many organisations are aware of SOC/SIEM, yet they are uncertain about how to get started. This guide aims to simplify the matter and provide clarity on the various choices and routes you can take, so that you can ascertain your current position on this journey.
The subsequent sections will assist you in determining whether a SOC/SIEM is a feasible solution for your organisation, considering factors such as cost, prerequisites, and organisational maturity. The overall goal is to enable organisations to assess their current state and provide guidance on how they can best uplift their cybersecurity posture through the deployment of a security operations centre.
About SOC/SIEM
What is a SOC/SIEM?
A Security Operations Centre (SOC) is a team or function which has a primary responsibility for detecting, investigating, and responding to cyber events. This is usually performed using a Security Information and Event Management (SIEM) system which ingests and analyses data from various technology sources across your organisation.
Why do I need it?
All organisations are at risk from threats such as account compromise, phishing scams, and ransomware/malware, as well as threats to the supply chain and denial-of-service attacks. Having a function dedicated to detecting, investigating, and responding to these events is critical to ensure your organisation can survive a cyber event without material impact.
Why a Managed SOC?
Delivering 24/7 security operations requires a dedicated team which is expensive and can be hard to resource. Outsourcing to a specialist partner may allow you to achieve the benefits in a more cost‑effective manner.
What you’ll find in this guide
| Section | Description |
| --- | --- |
| Foundation Service | Gather an overview of the service, key threats covered, and technology integration components. Then use the Cost Calculator on page 6 to estimate the monthly managed service cost for your organisation. |
| Microsoft Sentinel SIEM | Review the technical configuration of Microsoft Sentinel, which is aligned to the foundation service, and gain an understanding of the expected Microsoft Azure costs, which depend on the volume of data ingested. |
| Enablement Activity | Review the list of capabilities which will need to exist or be deployed as part of service onboarding, and the dependencies or potential effort required if you need to deliver or uplift a capability within your organisation. |
| Total Cost of Ownership | Using the output from the Service Cost and SIEM Cost slides, as well as an assessment of the required enablement activity, determine the estimated total costs of a managed SOC/SIEM service. |