Geneva Security Operations SIG Forum

The Geneva SOC Forum was an interesting event, with some excellent presentations.  The first was by Carine Allaz on her experiences of establishing and running a Security Operations Centre for a private bank in Switzerland.  A lot of the lessons she learnt are common to many of the organisations we’ve seen that have undertaken.  She mentioned that setting up a SOC had given her her first grey hair, I pointed out getting involved in building over 90 for our customer had made mine go grey, then completely fall out…

The second speaker was Jonathan Sinclair.  His presentation focused on demonstrating business value and the development of meaningful use case – again spot-on with my experiences and something that businesses continually get wrong, limiting their return on investment in security operations.

This was followed by the SOC Jeopardy session we facilitated.  In the session we asked the 70+ attendees, from SOCs all over the Geneva and Lucerne area,  a selection of 11 questions around business-alignment, technology, people or process.  These questions were a subset from the over 250 used in our Practice’s Security Operations Maturity Assessment, used to construct build or improvement roadmaps for our customers.

20171213_155616_resized-2-2.jpg

The next step was to compare the room’s results with that of the average we see across from the hundreds of assessments we’ve conducted across the globe; then to discuss the impact that the different maturity levels would have on the effectiveness and efficiency of their SOCs; as well as discuss the constraints and challenges they may have in achieving the more mature levels.

20171213_162441_resized-2-2.jpg

On-the-whole, the level of maturity seen in the organisations in Switzerland was at least as good, if not higher, than the average across the globe.  Some really insightful questions came from the audience and the two other speakers were exceptional.  It is a shame that non-commercial events like this, that bring together SOC managers and operational staff with their peers to discuss best practices, do not exist in most other countries.

Previous
Previous

SOC Mistake #10: You confuse your SOC with your NOC