Security convergence between cyber and physical has many benefits. But how do you do it? Dataminr answers that question in this insightful article.
When speaking to clients about their security operations centres (SOCs), one word inevitably makes its way into the conversation: convergence. They want to know if they should merge their operations—typically cyber and physical—so that they live under a single, unified security function.
Make no mistake: the answer is yes. The SOC of the future is converged, and organizations with best-in-class SOCs have already gone down the path of integration. Now that the COVID-19 pandemic and increased IoT adoption have exposed new risks, more and more security and risk leaders find themselves responding to the call of convergence.
Ad-Hoc Solutions vs. Actual Convergence
While ad-hoc adjustments may help recalibrate to the new normal, the underlying issues remain. To better identify, mitigate and respond to expanding risks, the only true solution is the converged SOC.
The catch is that successful integration requires a strategy covering three key areas: people, process, and technology. Below, we explore what this means for building the SOC of the future, including best practices for security and risk leaders to adopt.
Build a High-Performing Team with Shared Objectives
Any SOC’s greatest asset is its people. Those who are most skilled know how to use technology to augment what they do and how they do it. The rise in cyber risk and increasingly blurred lines between cyber and physical threats have created a need for security teams with more diversified backgrounds and technical expertise.
Security and risk roles often attract those with backgrounds in international relations, geopolitics, the military, or law enforcement. So, when building a team for a converged SOC, consider different types of experiences and ways of thinking for a more diverse workforce. Ask yourself:
‘How can I build a team that understands and engages with the full organization?’
‘How can I use the converged SOC model to remove silos and add more value to the business?’
Consider tapping into non-traditional security talent pools, including those from supply chain; environmental, social and governance (ESG); brand and reputation; crisis management; government affairs; and third-party risk teams. A mix of skills and backgrounds is an effective way to future-proof your SOC team to better anticipate—not just react to—potential risks and challenges.
Establish Resilient, Future-Facing Processes
Process is the connective tissue between people, technology and the broader organization. When done right, it can result in an almost seamless flow of real-time information that supports decision-making and adds value at nearly every step.
When designing processes for converged SOCs, it’s important to consider what the business will become rather than what it is now. Once you collect data, how will you use it? Have you identified which information should be communicated and to whom? Do you have a clear escalation plan and process? Does it include all key partners across the organization? Will the integration deliver more value to the organization? And if so, in what ways?
Just as architects must ensure they don’t close off opportunities for expansion, security and risk leaders should ensure their process maps build in the redundancy needed to allow for future SOC developments—not merely to address the challenges of today. Create a process and map that links humans, technology and business, then make sure it can grow to accommodate future modular plug-ins.
Scale with Cutting-Edge Technology
Technology enabled businesses to transform and pivot during the pandemic. But it’s only ever as good as the people who use it and the process that enables it.
Keep this in mind when selecting technology providers. Your converged SOC needs tech that is fit for the future. That means you must spend a considerable amount of time and effort on the selection process. The right partner will share your ambition and vision.
When selecting a partner, there are two general principles to follow:
1) Aim for providers with deep expertise instead of broad, shallow knowledge.
2) Check suppliers’ development roadmaps and select only the best-in-class technology solutions that will develop at the same pace across all offered capabilities.
Be sure to ask questions that focus on unique selling points and investments in R&D. Then ask to see and be briefed on:
- The product roadmap
- Where investments are coming from
- The timeframe for delivery
- How many of the future capabilities will be covered under the current terms
Dataminr is a key partner to hundreds of the leading global SOCs. They use real-time alerts—often received within minutes or even seconds of an event occurrence—to identify and mitigate risks early on, and more quickly and effectively protect their people and assets.
Dataminr is recognized as one of the world’s leading AI businesses. The company’s clients are the first to know about high-impact events and emerging risks so they can mitigate and manage crises more effectively. Dataminr solutions are relied on 24/7 by hundreds of clients in over 100 countries across six continents to help them solve real-world problems. Dataminr is one of New York’s top private technology companies, with over 800 employees across eight global offices.