Intelligent CISO Issue 57 - Page 64

BUSINESS SURVEILLANCE
Cybersecurity operations maturity scale :
LEVEL 1
LEVEL 2
LEVEL 3
LEVEL 4
LEVEL 5
We know we need to establish a cybersecurity operations capability , but we have no budget , personnel , or technology in place to build one .
We are using some intelligence feeds but do not have a SOC or SIEM in place and cannot link threats to our strategic position . We have limited resources to support our security operations practice .
We have an established cybersecurity operations practice with dedicated personnel , we curate our feeds and can relate threats to our organisational environment and events , but our approach is reactive and means time to detection is longer than we would like .
We have an established cybersecurity operations practice that is tuned to recognise threats that are specific to our organisation and prioritises them accordingly . We integrate with the wider business . Our cybersecurity operations practice is advanced and operates a fusion centre model that goes beyond focus on IT / OT threats and integrates with other areas such as IR , patch management , risk and compliance . We are viewed as an asset to the business .
Role-based variations : CISOs are struggling with cybersecurity maturity
We surveyed a mix of CISOs , Heads of SOC , Heads of IR , Heads of Cyberthreat Intelligence and IT Security Solutions Architects from a range of industry verticals , including : Defence , Retail , Financial Services , Central Government and Critical National Infrastructure . Respondents came from organisations with between 2,000 and 10,000 + employees . The responses show notable variations in how different roles view their security operations ’ maturity , and when cross-referenced with responses to other questions , showed that existing
64 www . intelligentciso . com