Autonomic Security Operations
10X Transformation of the Security Operations Center
Iman Ghanizada, Dr. Anton Chuvakin
For more information visit cloud.google.com
Office of the CISO
Table of Contents
Executive Summary
Landscape is evolving:
Attackers are evolving:
The SOC must evolve dramatically to tackle these new challenges:
Autonomic Security Operations to Transform your SOC:
Introduction
The SOC mission
Why the SOC needs to transform?
Business Transformation
Expanding Attack Surface
Talent Shortage
Why should future SOC be different?
What is Autonomic Security Operations?
10X People
10X analyst productivity and effectiveness
10X coverage of threats and assets
10X knowledge sharing
10X Process
10X Technology
10X Visibility
10X Speed
10X Signals
10X TCO
10X Influence
How to achieve Autonomic Security Operations
People Transformation
Process Transformation
Technology Transformation
Influence Transformation
Conclusion
Executive Summary
Landscape is evolving
● Digital transformation changes an organization's attack surface. Cybersecurity risks are expanding beyond the classic SOC use cases and applying to fraud, identity theft, and threats traditionally handled by other teams. Operational fusion is needed now more than ever.
● Technological evolutions in modern computing architecture are constantly changing and more security controls are appearing at all levels of the stack. This increases the volume of data and the potential adverse events that a SOC needs sensory coverage to monitor.
● Supply chains are expanding in depth, and the magnitude of their impact is increasing as the shift away from monolithic applications is boosted by dependencies on purpose-built technologies across first party, third party, and open source software.
● Network-centric security models are superseded by identity-centric access models as services and architectures exist in and across clouds.
Attackers are evolving
● Attackers are taking advantage of these complexities to increase their stealth and ability to persist in an organization while they carry out their mission, and their mission has been increasingly focused on destabilizing organizations and holding them ransom, as well as continuing to steal their valuable information.
● These highly persistent threats are often undetectable by traditional approaches and require strong threat hunting capabilities and robust threat intelligence to detect.
The SOC must evolve to tackle these new challenges
● While cloud environments streamline the ability to detect and respond to threats, most organizations are adopting multi-cloud and hybrid-cloud approaches, and SOC teams are struggling to ramp up their skill sets and toolsets to adapt to these new architectural paradigms.
● The conventional SOC is not equipped to handle these challenges. There is a shortage in talent that cannot be solved by adding more people alone; the processes that support the SOC mission have not been revamped to meet cloud-centric workload needs; and the technologies that are used inside of a SOC are not capable of streamlining detection & response at scale.
Autonomic Security Operations to transform your SOC
● So overall, in the face of these challenges, we have an opportunity to do a 10X transformation of the SOC, and so is born Autonomic Security Operations.
● Autonomic Security Operations is a combination of philosophies, practices, and tools that improve an organization's ability to withstand security attacks through an adaptive, agile, and highly automated approach to threat management.
● Our ability to increase & upskill talent to distribute and automate processes with powerful cloud-native technologies will drive our approach to effectively manage modern-day threats at cloud-scale.
Introduction
Cloud transformation has enabled businesses to brin
This document was uploaded and shared by 思安 on 2023-03-04 11:18:01.