Building a CSOC: Keys to SuccessRakuten India's Jagdeep Singh on the Critical Steps
When building a next-generation cybersecurity operations center, or CSOC, organizations must first understand their attack profile and determine the scope of threat monitoring needed, says Jagdeep Singh, CISO at Rakuten India, an e-commerce company.
"You need to understand your assets and attacks ... and then you scope it out," Singh says in an interview with Information Security Media Group.
A CSOC must be properly configured to take a defense-in-depth approach that goes beyond a conventional SOC, he adds. "So on a high level, if I am having application and network as a scope and I am excluding endpoints, the CSOC will not be able to monitor an attack starting from the endpoint," he points out.
In this interview (see audio link below the image) Singh also discusses:
- Tools needed for a CSOC;
- The difference between a CSOC and a conventional SOC;
- The kinds of attacks a CSOC can help thwart.
Singh is the CISO at Rakuten India. Previously, he was cybersecurity adviser at PwC. He has experience in security operations center design and implementation; security roadmap/strategy; incident management; security governance; risk and compliance; security maturity assessments; CISO advisory services; security processes advisory services; business continuity; and insider threat programs.