NCSC Shares Alternatives to Using a SOC

A leading UK security agency has revealed several approaches that could reduce or eliminate the need for organizations to run a time- and resource-consuming Security Operations Center (SOC).

The SOC has become an increasingly important function for security operations (SecOps) teams tasked with detecting, hunting and responding to cyber-threats.

However, it can require a significant ongoing investment of time and resources, the National Cyber Security Centre (NCSC) admitted in a new blog.

Senior security architect, David S, explained that some organizations may not need a SOC at all. He shared the following approaches being used in government which could reduce the need for one:

A 100% cloud-native/serverless architecture has the advantage of tightly integrated identity management controls and will limit the types of attack possible
Zero-touch production (services where engineers never have direct access to production services) can reduce system risk and the need for security monitoring. When direct access is needed it can be provided in a time-limited manner
Separate cloud accounts for segregated functions plus strict access controls can also reduce risk
Cloud-native services offer their own logs and services to analyze and validate their integrity. This can replace the need for a dedicated SIEM
Secure development practices will enable the operations team to gain responsibility for security, so no security team is needed. Service operations teams are also more likely to be able to identify suspicious behavior than a SOC analyst
Alerts can be set up to warn if logging stops working for any reason

This is not to say that SOCs don’t still have a place in the modern enterprise, David S added.

“For some enterprise IT systems, such as endpoints, and traditional IaaS based architectures it remains a requirement to provide reactive monitoring of the system,” he concluded.

“There are also benefits to centralized SOCs where government departments can identify broader attacks that are probing multiple services used by the organization.”

NCSC Shares Alternatives to Using a SOC

Phil Muncaster

You may also like

Ransomware Pressure Forces UK CISOs to Consider Quitting

#BHUSA: New Open Source Group Set to Streamline Threat Detection

Three-Quarters of SMBs Can't Repel Cyber-Attacks

Alert Overload Distressing 70% of SecOps Teams

Securing Perimeter Products Must Be a Priority, Says NCSC

What’s hot on Infosecurity Magazine?

Fifth of CISOs Admit Staff Leaked Data Via GenAI

State-Sponsored Espionage Campaign Exploits Cisco Vulnerabilities

BEC and Fund Transfer Fraud Top Insurance Claims

Online Banking Security Still Not Up to Par, Says Which?

How to Open and View OST Files Without Outlook

How to Backup and Restore Database in SQL Server

Alarming Decline in Cybersecurity Job Postings in the US

North Korean Group Kimsuky Exploits DMARC and Web Beacons

Russian Sandworm Group Hit 20 Ukrainian Energy and Water Sites

Dependency Confusion Vulnerability Found in Apache Project

How to Navigate the Risks of Generative AI

Hope Revived for UN Cybercrime Treaty as Negotiations Set to Resume

Incident Response: Four Key Cybersecurity Measures to Protect Your Business

Disinformation Defense: Protecting Businesses from the New Wave of AI-Powered Cyber Threats

Is MFA Enough? Strategies for Next-Level Identity Security in 2024

Navigating the Evolving Cybersecurity Compliance Landscape in 2024

Securing APIs in the Cloud Frontier

Adapting to Tomorrow's Threat Landscape: AI's Role in Cybersecurity and Security Operations in 2024

Infosecurity Magazine Spring Online Summit 2024: Day One

Infosecurity Magazine Spring Online Summit 2024: Day Two

Russia’s Midnight Blizzard Accesses Microsoft Source Code

I-Soon GitHub Leak: What Cyber Experts Learned About Chinese Cyber Espionage

LockBit Takedown: What You Need to Know about Operation Cronos

Women in Cybersecurity at Infosecurity Europe 2024

NCSC Shares Alternatives to Using a SOC

Written by

You may also like

What’s hot on Infosecurity Magazine?