Why US Based SOCs are Important to US Based Companies
By Chris Nyhuis, Vigilant CEO
A Vigilant Know More Series
To secure your company, strategies and technologies must be put into place to protect against both external and internal risk. External risk comes from business partners with whom you intentionally share data/systems AND malicious cyber-criminals who want to steal from your organization. Internal risk potential comes from people who live and work within your company, protecting against the ways they either unintentionally share or expose data (as social engineering targets or through laziness/foolishness) and those who might intentionally embezzle data fueled by malice or greed.
Depending upon how extensive their detection, censoring and data collection, your security service uniquely exists both inside and outside your company. Sometimes they can actually increase your company’s risk of unintentional data theft if the right business model and processes are not in place.
For example, let’s talk about your security provider’s Security Operations Center (SOC). The SOC is a big deal. It is the central command post (think NASA command center) employing people, technologies and processes to ingest all collected data and detect, analyze and respond to any cyber security incidents. It is the VAULT where the collected data of all clients is processed and kept. It must be lifeguarded 24/7 by layered monitoring.
It goes without saying that a SOC should be secured at all possible costs.
However, to save money, an unconscionable number of companies house their data collection systems and analysis offshore, in other countries.
Let’s think about this for a moment. Putting aside the risk that comes from remote management AND the loss of the US criminal justice protective umbrella provided to an all US-based SOCs, let’s take a moment and just think about employment turnover.