I’ve recently commissioned Capgemini to set up a Security Operations Center (SOC). We were in the process of reconfiguring our data infrastructure anyway, so this was an ideal opportunity to review our data security processes too.
We had good reason for doing so. The ongoing security of our networks and systems requires constant vigilance. But monitoring our operations was becoming increasingly onerous. Dealing with multiple suppliers, multiple architectures and multiple hosting arrangements had made it more difficult to maintain a consistent view of the cyber-threat at all levels. And that threat is constantly evolving.
Even an organization that’s well protected, with the right tools and the right processes in place, leaves itself open to attack if it cannot monitor its systems, detect potential security incidents and change its operations quickly to counter any threat detected.
This poses a significant risk at a number of levels, not least because evidence suggests it takes 229 days for a breach to be detected, during which time the hacker can get unauthorized access to critical information. The ensuing loss of reputation, customer trust and revenue was not something we could countenance.
So I embarked on the path to an SOC solution. Based on their security audit, Capgemini recommended three options:
- Onsite, run by our own staff—although we were lacking both time and expertise to resource this
- Onsite—but with the SOC run entirely by Capgemini
- A fully outsourced and managed SOC
The audit process was reassuring and all three options clearly used best-of-breed tools (including advanced analytics to detect threats quickly). On balance, we felt option 2 would work best for us. So, we gave Capgemini the go-ahead.
Typically, SOCs take longer to implement than an Identity and Access Management as a Service (IDaaS) solution. But in our case, Capgemini’s SOC proved itself within a couple of weeks when it picked up multiple malicious threats before they could cause any damage. A critical area of value in this is that it enables us to make changes to our operations quickly to counter any threat detected.