When you work inside of a Security Operations Center (or SOC for short), the day never ends. It’s demanding and often a seven-days-a-week job, according to Sagar Vyas, the Global Cybersecurity Evangelist for Jolera Inc.
A SOC is a fast-paced environment where professionals handle events such as alert notifications, triage, and security incident response, and explore how to contain threats that may occur in the future (also called Threat Hunting).
“You are doing multiple things and you have to be able to pivot quickly through them. This is a complex job and finding people with the right skillset for it has been a challenge, especially in Canada,” Vyas added.
Claudio Damaso, associate partner, cloud and security, at CrucialLogics, joined Vyas on a panel discussion at the ChannelNext Central Conference in Toronto on the topic of MSP Security, echoing Vyas with his own experiences in a SOC.
“We have a dedicated team at CrucialLogics and they eat, breathe, and sleep security.”
Damaso emphasizes that one cannot get by in a SOC with just a background in a few security courses.
“Many people are in the game because they are passionate about alerts, analyzing threats and their intelligence, and predicting future threats,” Damaso said.
SOCs have grown in importance for business and government organizations of all sizes. Fresh research from Statista, Canada, found that the total addressable market for SOCs is projected to reach $30 billion USD by the end of 2021.
Over the course of the past 19 months of the Covid-19 pandemic, the threat volumes for SOCs significantly increased, predominantly due to the security challenges that came with the shift to remote and online work.
Operating a SOC during the pandemic was anything but easy, as “the Internet [doesn’t] stop at the Canadian border,” Damaso explained.
“You need to [be] proactive and preemptive [about threats] before they reach your customer. It’s a constant battle!”
For Managed Services Providers (MSPs), operating without a strong SOC can be detrimental to cybersecurity. Partnering with a skilled SOC provider is the primary suggested strategy for mitigating the high risks of cyber-attacks before they affect customers.
Vyas cautioned that the blurred lines of responsibility for things like handling data and responding to security breaches require the guidance and reliability of a well-vetted SOC partner. Well-trained SOCs reduce the costs associated with security and malware and can support MSPs in the long run with security intelligence reporting.
IBM recently published a report titled ‘Cost of a Data Breach Report 2021’, illuminating the average cost of a data breach this year: $4.24 million, an almost 10% increase from the previous year.
So where does this leave MSPs? Many are speculating about automation and machine learning as a way of both preventing and reducing the costs associated with cybersecurity. Both Jolera and CrucialLogics are SOCs committed to advancing the way the industry understands cybersecurity; Jolera recently released an AI-driven Endpoint Detection and Response (EDR) solution targeting this exact area of developing technology.
Vyas said it simply: “The time for advanced and effective cybersecurity and SOCs is now.”
By Paolo Del Nibletto