Using advanced analytics for the insights of tomorrow

Today, most SOC managers and CISOs are using metrics to track the security posture and measure their SOC’s performance (along with the metrics used for threat analysis).

Assuming management has access to this broad set of security operations data, and an easy way to extract insights - what questions would they ask?

What are those slippery topics that they just can’t seem to answer (but really wish they could)? 

And finally, what are your essential metrics today?

Comments

  • Szymon Kozicki (Siemplify Champion)
    1. Why do we spend that much money on security if you only handle X incidents?
    2. What value to the business do you really provide?

    Two quick ones that are asked all the time.

  • Good points @Szymon Kozicki

    I think that demonstrating successful alert handling with a few simple numbers could be a great tool for showing the ROI of the SOC to higher management.

    Low levels of incidents, high rate of alert handling (either by security analysts or by automation) and tools efficiency are a great start when trying to justify the investment put into a SOC.
