Detect and Respond

Security Operations Center (SOC)

Deloitte provides a Security Operations Center so you can focus on other important activities, rather than spending your time maintaining the machinery.

Challenges

Do I have the budget to do this, do I have staff to run a Security Operations Center?

Running a security operations center requires a lot of things. Many of these things can seem to be an expensive investment to keep in-house.

Does your company want to invest in building a secure room and a secured network to facilitate such a function, which would be required due to the confidential data being handled and discussed?

Customers might not want to administer the systems which are part of a Security Operations Center. Such systems could be a SIEM solution, a network monitoring tool, an Endpoint Detection & Response tool, etc. These systems can be complex to set up and require time and certain skillsets to maintain.

Some companies might not be “big” enough to have such a function, as the investment is simply too high compared to the associated risk.

Budget is an important factor as well – not only do these tools cost money; maintaining them also requires people with experience of maintaining such tools. It can be difficult to see the return on investment for such a big investment across people, processes and technology.

Imagine the cost if you had to build this in your own company:

  • Identify an appropriate location/room which can be secured. Provide network cabling, physical access and ensure the best work environment to make sure analysts are most effective;

  • Buy the required technologies (e.g. a SIEM tool, a vulnerability scanner, a case-handling tool);

  • Develop and implement processes for maintaining the technologies;

  • Hire staff with a security background and useful experience across platforms;

  • Hire staff with experience in managing and maintaining the technologies (capacity, troubleshooting and patching); and

  • Maintain skillsets by continued training of staff.

Many of the above would be recurring costs as wages, licences and expenses.

Our approach

We will help clarify your needs, and implement and maintain a successful solution.

Deloitte provides a security operations center, which includes SIEM platform administration and maintenance.

  1. Clarifying your actual needs

    First we will identify your actual needs together with you, e.g. sizing, which sources to ingest, system scalability, on-premise/Cloud solution and whether it should run in high-availability mode.

  2. Implementation approach

    Based on your requirements and the information provided by you, Deloitte will perform best-practice implementation in the first phase of the establishment of a robust and value-adding Managed SIEM service, while providing an integration option between your ticketing system and Deloitte’s.

  3. Operational

    During the service, Deloitte provides the resources to maintain, support and patch the systems. This includes operational monitoring of the platforms’ capacity, utilisation, etc. It also includes monthly reporting.


Why Deloitte?

Awarded market leaders

We strive to continuously lead the market in the area of cyber risk and security services. We are awarded and acknowledged by some of the most renowned institutions within the area of cyber, e.g. Gartner, ALM Intelligence and Forrester. In 2020, we were named global leader in Security Consulting Services for the 9th year in a row by Gartner.

Leading-edge technologies

We are committed to investing in innovation and emerging technologies to ensure that we are equipped with the latest tools to solve current and future challenges for our clients. Alliances with market-leading cyber vendors and groundbreaking startups around the world offer our clients access to a wide range of cyber-risk technologies and leading-edge technology innovation.

Global intelligence delivered locally

We have the largest professional services network in the world. Diversity across our cyber teams helps us work across the globe with a local and personal lens. We have over 8,600 dedicated cyber-risk service practitioners of which 1,300 are dedicated to Europe and the Middle East alone, ready to help our clients everywhere with any challenge.

End-to-end cyber-risk services

We cover every aspect of cyber risk — from advisory and implementation of strategic transformations to managed security services, product solutions and incident management. This enables us to deliver more resilient and silo-breaking solutions, taking the whole business chain into account. This helps our clients to leverage their potential and growth even more.

Reach out

If you recognise some of these challenges, or if you would like to know more about how we can help your company, please do not hesitate to contact us.

Søren Tillebæk Jensen

Senior Manager

Mads Halkjær Ingvorsen

Senior Manager