Strategy 1: Know What You Are Protecting and Why | SANS Blueprint Podcast
48As the saying goes, "If you don't know where you're going, any road will take you there!" - an approach that is disastrous to a SOC. In order to succeed, the SOC must have a clear understanding of where they are going, how they're going to get there, and why. In this episode of our "11 Strategies" season, we discuss chapter 1 of the book - "Know What You're Protecting and Why". Understanding your organization and the environment the SOC must perform in forms the foundation of all security team activity. In this episode, the authors discuss the critical aspects of knowing what you're protecting. This includes considering your organization's mission, the legal, regulatory, and compliance environment, the technical capabilities you may or may not have, and the users that will inhabit the network and the actions they're going to be performing. Understanding these factors ensures your team starts off on the right path and keeps a common goal in view.
This special season of the Blueprint Podcast is taking a deep dive into MITRE’s 11 Strategies of a World-Class Cyber Security Operations Center. Each episode, John will break down a chapter of the book with the book’s authors Kathryn Knerler, Ingrid Parker, and Carson Zimmerman.
If you missed the first episode on Chapter 0: Fundamentals, watch it here https://youtu.be/6PRmCvRCKTQ
For Strategy 2 - Give the SOC the Authority to Do Its Job watch here: https://youtu.be/UfpO9iZMDrY
For more episodes, visit https://www.sans.org/u/1qz3
To learn more about the 11 Strategies of a World-Class Security Operations Center, visit here: https://www.mitre.org/news-insights/publication/11-strategies-world-class-cybersecurity-operations-center