decrypting myths
vulnerable to threat
actors. “Automation
itself is a form of
vulnerability,” said Sam
Curry, Chief Security
Officer at Cybereason. “You
have to check your blind spot
at pseudo-random intervals to
see who’s hiding there because the
machine will become predictable
and therefore exploitable. So, the
mission is not to automate for the
sake of it but to make the humans
more effective, improving the value
of their output without weakening
the whole.”
The CR Think Tank agreed that
business and security need to be
in lockstep to be proactive
whenever possible and avoid the
security chase.
Processes and efficiency
– seating plans as the key
to success?
Finally, the report highlights the
importance of physical proximity
when dealing with tech teams.
Seating location within an office
can make a big difference – many
companies opt to put their tech and
security teams next to each other
to foster creativity, agility and better
communication. For example, seating
SOC teams next to the product team
can improve efficiencies in terms of
how they iterate and build new tools.
However, for employees who work
remotely, communicating with internal
teams frequently to ensure alignment on
priorities and objectives is key.
No matter what an organisation’s SOC
setup is, the most important factor is
relationships. SOC teams, whether
internal or external, need to be invested
in the organisation’s mission and its
core targets. With talented individuals
in short supply, training, upskilling and
using technology for efficiency gains are
key to transform your SOC team. u
www.intelligentciso.com | Issue 27
69