The Truth Behind a SOC

How SIEM services work and why having a SOC is important

04.14.20 by Brittany Rodriguez, Marketing Specialist

We often assume that every business owner understands cybersecurity, or just general security for their business, but it’s not true. In fact, a common belief among small business owners is that they are undesirable to hackers. They push cybersecurity to the bottom of their priority list to get other items accomplished, believing they aren’t big enough for hackers to pursue. But when cybersecurity is left by the wayside, productivity can suffer when a breach occurs. The average cost of a cyberattack on an SMB is $3 million. Yes, these are the facts.

So what should an SMB do to protect itself? Let’s start with what a SIEM and SOC are. How do they relate to cybersecurity and your life, and your business? How does adding these items to your business docket ensure that your employees can function at maximum capacity?

SIEM (pronounced SIM – like the “retro” computer game that allowed you to play out your life as a teenager) is not a game at all. It is a real tool that mixes technology, processes and people to aggregate important security events (logs) in order to detect and respond to incidents. You may have experienced something similar to this if you only shop at department stores for luxury items like handbags, perfumes or clothes. But one Sunday, when you’re making dinner, you find a mouse scurrying away with one of your ingredients, and you now need to go to Home Depot™ to get some mouse traps and whatever else will get rid of Mickey. When using your credit card at Home Depot, you receive a text that says something like, “Did you make this transaction?” At first you might think it’s scary that they’re monitoring your purchases, but rest assured, it’s because your credit card company is constantly monitoring your purchasing behavior to understand, normalize and/or baseline your activity in order to keep your account safe. Your shopping trip to Home Depot was definitely out of the ordinary for your buying behavior, but thankfully your transaction will be approved with your OK. Who wants to be under those fluorescent lights on a Sunday, trying to act as their own exterminator?

SOC. What is a SOC? Pronounced sahk, it’s nothing like the proverbial rice wine, sake, which accompanies a great Japanese dinner. SOC actually deals with the human behind the screen, acting similarly to the Wizard of Oz. It stands for Security Operations Center, and it is just as you pictured it, sans yellow brick road and with a few more analysts from Oz. These analysts are assigned to a business to understand the incident that occurred, respond according to their event procedures (already established with their SIEM service) and initiate their incident response plan, which includes escalating the incident up the chain of command. These analysts are detail-oriented, innovative problem solvers who have to think creatively in order to understand the anomalies of a business. They are additionally skilled at planning for and foreseeing a system issue and, at the same time, well versed in the most appropriate way to respond.

Now that you have learned the basics of a SIEM and a SOC, and hopefully chuckled at some real-life references you can relate to, you might begin to understand why this has major implications not only for your life, but for your business too. What do both of these items have to do with a successful, productive business? SIEM services do constant monitoring for you. They look at patterns, transactions and irregular behavior, and pay specific attention to business oddities that need to be nipped in the bud. Have you ever tried to keep tabs on an unruly teenager? School, practices, SAT prep, friends, proms, dances and college apps – all happening while your debit card is hooked to their Venmo™ account? It’s not only exhausting, it’s terrifying, because at any moment that debit card could be drained with the click of a button, and maybe even a cute ice cream cone emoji from the hacker. As a business owner, how can you possibly manage all of that for your entire business while, at the same time, being effective at growing it? How can you ask your employees to be productive if their systems aren’t working because of a breach?

All Covered’s SIEM and SOC solutions are there to make the ‘terrifying’ things manageable, ensuring your systems are constantly monitored in real time by a team of experts ready to take action in the event of any suspicious or malicious activity. Call us today to learn more about our cybersecurity solutions.
