Why US Based SOCs are Important to US Based Companies

By Chris Nyhuis, Vigilant CEO

To secure your company, strategies and technologies must be put into place to protect against both external and internal risk. External risk comes from business partners with whom you intentionally share data/systems AND malicious cyber-criminals who want to steal from your organization. Internal risk potential comes from people who live and work within your company, protecting against the ways they either unintentionally share or expose data (as social engineering targets or through laziness/foolishness) and those who might intentionally embezzle data fueled by malice or greed.

Depending upon how extensive their detection, censoring and data collection, your security service uniquely exists both inside and outside your company. Sometimes they can actually increase your company’s risk of unintentional data theft if the right business model and processes are not in place.

For example, let’s talk about your security provider’s Security Operations Center (SOC). The SOC is a big deal. It is the central command post (think NASA command center) employing people, technologies and processes to ingest all collected data and detect, analyze and respond to any cyber security incidents. It is the VAULT where the collected data of all clients is processed and kept. It must be lifeguarded 24/7 by layered monitoring.

It goes without saying that a SOC should be secured at all possible costs.

However, to save money, an unconscionable number of companies house their data collection systems and analysis offshore, in other countries.

Let’s think about this for a moment. Putting aside the risk that comes from remote management AND the loss of the US criminal justice protective umbrella provided to an all US-based SOCs, let’s take a moment and just think about employment turnover.

GET THE LATEST DELIVERED TO YOUR INBOX

Vigilant is committed to ensuring the security and protection of the personal information that we process, and to provide a compliant and consistent approach to data protection. If you have any questions related to our privacy policies, please contact legal@vigilantnow.com

Internal Risk, as discussed above, comes from data leakage (intentional or unintentional) and from employee turnover. Technology laboratories around the world (India, Pakistan, Ukraine, etc.) have an employee turnover rate of as little as a few months. That means every position in each SOC has an opportunity to walk out the door with your data every couple of months. As one CEO said just last month, “Somebody should advertise an all US-based security team. That would be a great [marketing] strategy.”

People change companies for lots of reasons. They change because they are offered more money. They change because they are paid to bring data and expertise from their last company. They even change because the bad guys pay better, and bad guys need coders and programmers who understand cyber.

That is a lot of risk to afford somebody on the other side of the world, with both internal and external access to your company’s data.

Now, to be honest, US technicians go through turnover for all those reasons and more (less frequently but they still do.) This is why employee satisfaction is incredibly important in cyber security.

Every CEO, every board of directors and every leadership team puts unbelievable trust in their cyber-security partner. When you think about the potential to destroy incomes, reputations and societal stability, it is an almost sacred trust. This is a scary truth and one that Vigilant takes very seriously and applies very soberly.

For these reasons and more, since our founding over 14 years ago Vigilant has been committed to having only all US-Based SOCs that are reinforced by constant layered monitoring and security.

This will never change. Your data is too important.

Additionally, Vigilant has committed to the highest level of employee care. We love our employees AND we want our clients’ data to be as secure as possible. Because of these two passions, we have a double incentive to make sure our Vigilant-family is well cared-for and experience elite benefits, like competitive salaries, unlimited PTO, training and education tracks and more, so they stay with us as long as possible.

Our all US-based team members are worth it. They are worth it to us and they are worth it for our clients. If you want to be victorious in a CybeWar, you have to do whatever it takes... and Vigilant does.