This is the last book I just finished reading, I am going to be honest with you it is a very tedious book to read if you are not new to the field however I do not want to undervalue the book as it is a very important source of knowledge for those in the SOC field. The book is the effort of a group of professionals in the MITRE Corporation. This publication contains the 10 more important strategies to discuss and follow after a decade in which the MITRE corporation has been helping organizations with CND ( computer network defense).
The books is aimed at anyone involved or dealing with SOC enviroments, whether you are SOC manager, Cyber Security, Intelligent Analyst or Security engineer this book will provide you insight into the current hot topics in the SOC arena.
If you are a SOC manager the book will help you to understand topics such as,
- Positioning of the SOC within the organization or constituencies it defends
- Data collection strategies
- SOC structure and services definitions
- Tactical issues such as training, analyst or SOC procedures
If you play a tactical role in the SOC such as Cyber, Intel or engineer you will go through important topics such as,
- Important training, development and role functions in a SOC enviroment
- Data analysis techniques,procedures, technologies and tools for CND
- SOC strategic role in the modern enterprise
I started my career as a Business developer despite I went through training in systems engineering in the University. The role and function of a business developer goes beyond discussing technology with the organizations you are targeting and that it is why I consider this book an interesting resource to read since you need to answer questions such as,
- Who is your target audience?
- How are they structure in the team and inside the SOC
- Command chain and decision making flow
- Strategy definition for a modern SOC
- Technology they work with as well as issues and limitations of current solutions
All these questions and topics explained in the book will provide presales and even sales with situational awarenes to start making the questions that really provide value and make an impact during the sales process. It is a very tedious book for a sales person but if you are lucky enough to have presales engineer in your team this will help him to target the account.
Lastly I would like to mention the chapter 9: Be a sophisticated consumer and producer of cyber threat intelligence. This chapter discuss everything that has to do with Threat Intelligence so trendy today in the Cyber world. As APT’s are becoming more sophisticated and therefore the amount of information and intelligence is getting more important to defend against these threats, the book defines strategies, procedures and objectives to bootstrap this capacity in the SOC. This is definitively the chapter of the book I enjoyed the most as my interests go in this direction.