Date: Tuesday, June 13, 2023
Time: 8:00 a.m. - 12:00 p.m. ET
Location: Virtual
Contact: Bill Sieglein, CISO Executive Network, bill@cisoexecnet.com
We are all looking for ways to make our SOC more effective. Do we need more visibility? More tools? More people? Join us to find out what your peers and ChatGPT are doing to make our SOC more effective.
What should we be doing to react to security issues effectively, given the increase in events and resource limitations? Can we keep pace and ensure we are securing our environments?
Security Controls Covered: SIEM, SOAR, XDR, EDR, NDR, MDR, MSSP, IR Playbooks, Threat Management, Threat Intel
It is clear that finding enough people to monitor and respond to security- related matters is a persistent challenge. Even if we are outsourcing the SOC, we find that those vendors have the same challenges. Automation of a lot of our security operations tasks is becoming a must-have. How much automation are we comfortable with? Can we trust software to respond in a way humans would? In this series, we will compare notes on our experiences with security operations and all that it entails.
Topics likely to be part of this discussion include:
- SecOps models – in-sourced, out-sourced, hybrid
- Response automation
- Playbook development
- Tabletop exercises- from tech to exec tabletops
- Finding and retaining SecOps resources
- Best practices for greater visibility
- Single or fewer panes of glass
- Defense to offense for security operations
- The Do’s and Don’ts of the “DRs”
- Secops tools rationalization
- OT/IoT
Sponsored by IBM