Build Your Security Operations Program From the Ground Up
Establish security operations with a threat collaboration environment.
Onsite Workshop
Building your security operations without a collaborative and iterative strategy for your security operations team leads to:
- Tribal processes and ownership that silo off important information from other security analysts.
- Lack of insight into the way multiple processes build on and support one another.
Building your security operations program with a threat collaboration environment leads to:
- Collaboration across multiple processes that provides overarching visibility into your threat landscape.
- A prioritized roadmap for maturing and optimizing your security operations program.
- The ability to make informed decisions on necessary security events within your organization.
Module 1: Establish Your Foundation
The Purpose
- Identify security obligations and the security operations program’s pressure posture.
- Assess current people, process, and technology capabilities.
- Determine foundational controls and complete system and asset inventory.
Key Benefits Achieved
- Identified the foundational elements needed for planning before a security operations program can be built
No. | Activities | Outputs
---|---|---
1.1 | Define your security obligations and assess your security pressure posture. |
1.2 | Determine current knowledge and skill gaps. |
1.3 | Shine a spotlight on services worth monitoring. |
1.4 | Assess and document your information system environment. |
Module 2: Assess Current Security Operations Processes
The Purpose
- Identify the maturity level of existing security operations program processes.
Key Benefits Achieved
- Current maturity assessment of security operations processes
No. | Activities | Outputs
---|---|---
2.1 | Assess the current maturity level of the existing security operations program processes. |
Module 3: Design a Target State
The Purpose
- Design your optimized target state.
- Improve your security operations processes with governance and policy solutions.
- Identify and prioritize gap initiatives.
Key Benefits Achieved
- A comprehensive list of initiatives to reach ideal target state
- Optimized security operations with repeatable and standardized policies
No. | Activities | Outputs
---|---|---
3.1 | Complete standardized policy templates. |
3.2 | Map out your ideal target state. |
3.3 | Identify gap initiatives. |
Module 4: Develop an Implementation Roadmap
The Purpose
- Formalize project strategy with a project charter.
- Determine your sourcing strategy for in-house or outsourced security operations processes.
- Assign responsibilities and complete an implementation roadmap.
Key Benefits Achieved
- An overarching and documented strategy and vision for your security operations
- A thorough rationale for in-house or outsourced security operations processes
- Assigned and documented responsibilities for key projects
No. | Activities | Outputs
---|---|---
4.1 | Complete a security operations project charter. |
4.2 | Determine in-house vs. outsourcing rationale. |
4.3 | Identify dependencies of your initiatives and prioritize initiatives in phases of implementation. |
4.4 | Complete a security operations roadmap. |