
Making SOC a no-brainer

Michael Wasielewski Jr
20 Nov 2023

Every small to medium enterprise (SME) wants confidence in the cloud, but you can’t fight against what you can’t see. While many businesses know that they need to have better visibility and alerting on their security operations, they often struggle because they don’t have the capacity to run their own security operations center (SOC) and can’t justify the cost of a fully managed SOC service. Although software solutions exist, they often still require staff to perform the care of the integrations, prioritize issues, and develop meaningful executive-level reporting. This leads to underutilized or underperforming platforms that don’t fulfil expected value.

So, will 11 employees, the typical size of an IT team in an SME, be able to effectively monitor security issues as they arise in the cloud and bring the expertise necessary to act on threats in time? Probably not. In a connected era, where SMEs are dependent on public cloud vendors (worldwide spending on cloud services is expected to reach $1.3 trillion by 2025), the risks of not having visibility into cloud security are too great to ignore. So how can we address this gap?

Why can’t we just put a SOC in it?

The increasing use of public cloud is driving up cloud costs for all organizations, with 53% of SMEs now spending more than $1.2 million per year on cloud, up from 38% in 2021. At the same time, many finance teams are closely scrutinizing IT budgets as inflationary pressures force businesses into cost-saving mode. As a result, finance teams might contend that external SOC services are cost prohibitive. Cost also feeds into personnel capabilities. The global cybersecurity skills shortage is estimated at 3.5 million people, and even if SMEs wanted to expand internal security teams, they would find it difficult to find and attract workers. As organizations begin building on and migrating to services like AWS, without proper expertise and tuning they risk drowning in alerts from cloud-native tools and being left unable to take full advantage of third-party platforms.

There’s ample evidence that companies that don’t invest in such services risk millions in costs, fines, and lost revenue. With 79% of companies experiencing at least one cloud data incident in the last 18 months, it is clear that companies prepared with better visibility will stand a better chance of catching incidents before they become breaches. Most IT teams are already under intense pressure to handle security threats with limited resources, so a first line of security that is automated, cost-effective, and backed by intelligence delivered by experts is a no-brainer. Simply put, effective SOC capabilities will turn alert fatigue into alert energy.

Introducing Cloud SOC Essentials for AWS, powered by Trend Micro

To fill the gap between in-house capabilities and fully featured (and expensive) managed SOCs, Capgemini has partnered with Trend Micro to deliver a fully managed platform that provides visibility into high-value alerts along with actionable reports at a fraction of the cost of the alternatives.

Cloud SOC Essentials for AWS is designed to help SMEs move into the cloud with confidence. The service focuses on helping customers identify and respond to the most common cloud security threats by providing real-time alerting, integrated into customers’ existing workflows and complete with suggested remediations. Additionally, curated executive-level briefings are provided on a periodic basis to help guide C-level executives on overall events, posture, and trends meaningful to the overall business. With simplified security operations and costs, organizations can address growing risks and achieve improved cyber resiliency outcomes. Built as a service platform rather than an agent-based one, the Cloud SOC Essentials service aims to reduce your team’s operational burden and maintenance responsibility and to scale with you as you grow your business.

From the beginning, the service evaluates AWS identity behavior in your environment to identify known threat patterns and build a baseline of activity, which is later used to detect anomalous behavior with Trend Micro’s advanced threat hunting capabilities. If any alerts are identified, additional logic and analysis are applied to evaluate the impact and importance of the alert, so that your team is only notified when there is an issue they need to take immediate action on. The alert notifications are also augmented with tried and tested best-practice response actions your team can take, drawn from the collective experience of Capgemini’s numerous global SOCs, so you know exactly where to begin. In addition to the immediate alerts, the service provides periodic assessments and findings aggregation, reporting on feed health, alert trends, overall system posture, and risk in multiple formats tailored to customers’ operational and executive teams. This gives managers and executives actionable intelligence about best practices and open risks even in the absence of active issues.

As noted earlier, typical managed security operations centers can cost companies thousands of dollars a month, and managing your own can cost millions of dollars. While these alternatives are intended to cover a much larger scope of capabilities, the Cloud SOC Essentials service provides the core visibility functionality of what is going on in your AWS environment, along with guidance from the Incident Response experts at Capgemini, for a fraction of these alternatives’ costs.

Against the backdrop of difficult economic and security circumstances, SMEs can take advantage of the integrations available in the cloud-connected era to deliver on their commitments to their customers, including keeping their data safe. For the first step into protecting their infrastructure and their customers’ data, it’s crucial that security visibility moves from luxury to a necessary no-brainer. So, for a fraction of the cost of running or managing a SOC, without overburdening existing IT teams with hundreds of alerts, and with the expertise of Capgemini and Trend Micro behind it, the Cloud SOC Essentials service can provide you the peace of mind to get started.

You can learn about this service on the Capgemini website and sign up or request information here.

Author

Michael Wasielewski Jr

Global Head of Cloud Security Services, Capgemini
Michael is responsible for global cloud security and next-gen secure architecture portfolio development. He brings a robust background ranging from network operations and engineering to running global information security teams and modernizing enterprises through their cloud and workplace journeys, as well as executing as a global cloud security specialist for AWS. When not playing video games with his two kids or struggling to learn French, you can often find Michael arguing about what zero trust really means, why you are almost always more secure in the cloud, and why New York-style pizza is the best.