Develop Foundational Security Operations Processes

Transition from a security operations center to a threat collaboration environment.

Onsite Workshop

RETIRED CONTENT

Please note that the content on this page is retired. This content is not maintained and may contain information or links that are out of date.

A poorly structured security operations program or the lack of one can result in:

  • A lack of situational awareness, leaving the organization vulnerable to threats.
  • A waste of invested time and resources.
  • False positives that misdirect management and organizational efforts.

A formalized security operations program can help:

  • Reduce incident response times through the contextualization of incidents.
  • Enhance communication through a central knowledge portal, defined escalation procedures, and comprehensive ticketing function.
  • Improve effectiveness of internal defense controls such as SIEM, NGFWs, IPSs, SWGs, anti-malware, and anti-spam packages.
  • Increase operational efficiency in terms of asset management, human capital management, and process optimization.
  • Increase organizational situational awareness through active collaboration between core threat teams, enriching internal security events with external threat intelligence and enhancing security controls.
  • Reduce probability of breaches while improving internal network defenses.
  • Improve standardization of prevention, detection, analysis, and response efforts.
  • Enhance overall security posture.
  • Identify the appropriate technological and infrastructure-based sourcing decisions.

Module 1: Assess Your Current State

The Purpose

  • Determine current capabilities, operational inefficiencies, and opportunities for improvement.

Key Benefits Achieved

  • Understand the differences between a traditional and next-generation security operations program.
  • Assess and mature current prevention, detection, analysis, and response capabilities.
  • Optimize your security operations through the adoption of next-generation processes.
  • Isolate operational problem areas and consolidate people, processes, and technology.

Activities: Outputs:
1.1 Understand the benefits of refining your security operations program.
1.2 Gauge your prevention capabilities.
1.3 Gauge your detection capabilities.
1.4 Gauge your analysis capabilities.
1.5 Gauge your response capabilities.
  • Security Operations Maturity Assessment Tool
  • Security Operations Event Prioritization Tool
  • Security Operations Workbook
1.6 Develop a comprehensive collaboration program.

Module 2: Design Your Target State

The Purpose

  • Begin developing and prioritizing gap initiatives in order to achieve the optimal state of operations.

Key Benefits Achieved

  • Support your decision to optimize security operations.
  • Identify planning gaps specific to your organization’s unique threat landscape.
  • Formalize the implementation process with an official policy and guide.

Activities: Outputs:
2.1 Assess your security pressure posture.
  • Security Pressure Posture Analysis Tool
2.2 Optimize your security operations processes.
  • Security Operations Efficiency Calculator
  • Security Operations Policies
2.3 Design your ideal target state.
  • Security Operations Maturity Assessment Tool
2.4 Prioritize gap initiatives.

Module 3: Develop an Implementation Roadmap

The Purpose

  • Formalize the initiative.
  • Determine the appropriate sourcing strategy.
  • Develop a comprehensive and actionable measurement program.

Key Benefits Achieved

  • Identify the appropriate sourcing strategy and subsequent SLAs.
  • Formalize the implementation process with an official and prioritized roadmap.
  • Measure the success of your security operations with relevant, actionable, and timely metrics.

Activities: Outputs:
3.1 Establish your case to management.
  • Security Operations Project Charter
3.2 Develop an appropriate sourcing strategy.
  • In-House vs. Outsourcing Decision-Making Tool
  • Security Operations MSSP RFP Template
3.3 Assign roles and responsibilities to your implementation roadmap.
  • Security Operations RACI Tool
3.4 Develop a comprehensive measurement program.
  • Security Operations Metrics Summary Document
  • Security Operations TCO & ROI Comparison Calculator

Workshop icon Book Your Workshop

Onsite Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn’t enough, we offer low-cost onsite delivery of our Project Workshops. We take you through every phase of your project and ensure that you have a road map in place to complete your project successfully.

View Active Workshops
GET HELP Contact Us
×
VL Methodology