Cyber Strategy & Transformation

Security Operations Center (SOC)

We help our clients analyse areas for improvement in order to take the SOC to the next level of maturity. We provide a comprehensive overview of SOC operations for a future strategic roadmap.

Challenges

How do we ensure the right processes and governance to fully implement and operationalise a SOC?

A SOC is more than just installation of a log management solution. It requires significant process and governance enhancement to fully operationalise the SOC. Some of the process and governance challenges associated with the implementation of a SOC may include:

  • Defining threat scenarios and logs required to monitor against the organisation’s threat landscape;

  • Defining key performance metrics (as well as risk indicators) that aligns with the organisation’s risk appetite;
  • Defining and updating a playbook with clearly defined roles and responsibilities to avoid confusion in the event of an incedent;Understanding the capacity of the SIEM solution, supporting architecture and the minimisation of ‘noise’ (false positives); and

  • Recruiting skills and offering relevant training to subject matter expertise to improve the overall quality of the SOC capabilities.

Our approach

Our approach provides our clients with a strategic roadmap combined with a TCO analysis (total cost of ownership) with prioritised recommendations for future transformation to full ownership of the SOC.

Our approach consists of five phases:

  1. Initiation and Information gathering

    We tailor the assessment framework and agree on a project plan.

  2. Target State

    We understand the current-state maturity of the SOC capabilities to provide a baseline for future improvement.

  3. Current-State Assessment

    We define the target-state maturity for the SOC and identify recommendations for how to address the gap.

  4. Reporting

    We generate reports that capture the assessment throughout the phases.

  5. Strategic Roadmap

    We develop a roadmap including the target operating model and the prioritised roadmap combined with the TCO analysis.

  1. Initiation and Information gathering
  2. Target State
  3. Current-State Assessment
  4. Reporting
  5. Strategic Roadmap

We tailor the assessment framework and agree on a project plan.

We understand the current-state maturity of the SOC capabilities to provide a baseline for future improvement.

We define the target-state maturity for the SOC and identify recommendations for how to address the gap.

We generate reports that capture the assessment throughout the phases.

We develop a roadmap including the target operating model and the prioritised roadmap combined with the TCO analysis.

Why Deloitte?

Awarded market leaders

We strive to continuously lead the market in the area of cyber risk and security services. We are awarded and acknowledged by some of the most renowned institutions within the area of cyber, e.g. Gartner, ALM Intelligence and Forrester. In 2020, we were named global leader in Security Consulting Services for the 9th year in a row by Gartner.

Leading-edge technologies

We are committed to investing in innovation and emerging technologies to ensure that we are equipped with the latest tools to solve current and future challenges for our clients. Alliances with market-leading cyber vendors and groundbreaking startups around the world offer our clients access to a wide range of cyber-risk technologies and leading-edge technology innovation.

Global intelligence delivered locally

We have the largest professional services network in the world. Diversity across our cyber teams helps us work across the globe with a local and personal lens. We have over 8,600 dedicated cyber-risk service practitioners of which 1,300 are dedicated to Europe and the Middle East alone, ready to help our clients everywhere with any challenge.

End-to-end cyber-risk services

We cover every aspect of cyber risk — from advisory and implementation of strategic transformations to managed security services, product solutions and incident management. This enables us to deliver more resilient and silo-breaking solutions, taking the whole business chain into account. This helps our clients to leverage their potential and growth even more.

Reach out

If you recognise some of these challenges, or if you would like to know more about how we can help your company, please do not hesitate to contact us.

Jay Choi

Partner

Mads Halkjær Ingvorsen

Senior Manager