Planning the Building a SOC: A Conceptual Process Model

Pierre Jacobs, Sebastiaan von Solms, der Walt van der Walt

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

There are few frameworks available to consult when building Security Operation Centers (SOCs) (P. Jacobs, 2015). Jacobs proposed such a framework, and this paper builds on the “Planning” part of that framework. The authors could not find any existing conceptual process models for the planning phase of building SOCs. We propose a conceptual process model to follow during the planning phase of the SOC. Conceptual models are used to represent systems typically made up of the composition of concepts (Robinson; Arbez; Birta; Tolk; Wagner, 2015). The aim of our conceptual process model is to help SOC builders understand the proposed process to be followed during the SOC planning phase, and it is meant to guide the SOC builder's thinking during that phase. The conceptual process model starts by determining the services that the SOC in development will offer, followed by deciding on a SOC model. After determining the SOC services and model, we identify the technologies and tools to facilitate the services, taking into consideration the influence the SOC model has on the service. For each of the steps in our conceptual model we have identified existing, public frameworks, standards or best practices. Our conceptual process model will be mapped to these frameworks, standards or best practices, with the intention that they be used to augment our model.

Original language: English
Title of host publication: Proceedings of the 21st European Conference on Cyber Warfare and Security, ECCWS 2022
Editors: Thaddeus Eze, Nabeel Khan, Cyril Onwubiko
Publisher: Curran Associates Inc.
Pages: 94-104
Number of pages: 11
ISBN (Electronic): 9781914587405
Publication status: Published - 2022
Event: 21st European Conference on Cyber Warfare and Security, ECCWS 2022 - Chester, United Kingdom
Duration: 16 Jun 2022 to 17 Jun 2022

Publication series

Name: European Conference on Information Warfare and Security, ECCWS
Volume: 2022-June
ISSN (Print): 2048-8602
ISSN (Electronic): 2048-8610

Conference

Conference: 21st European Conference on Cyber Warfare and Security, ECCWS 2022
Country/Territory: United Kingdom
City: Chester
Period: 16/06/22 to 17/06/22

Keywords

  • EDR
  • MDR
  • MSSP
  • SOC builder
  • SOC conceptual process model
  • SOC models
  • SOC planning
  • SOC services
  • systems engineering

ASJC Scopus subject areas

  • Information Systems
  • Information Systems and Management
  • Safety, Risk, Reliability and Quality
