Detection & Response

Detection & Response

4 options for security operations

Introduction

The use of rapid detection and response is now recognized as a method to meaningfully reduce security risk. Organizations are moving beyond simply lowering the probability of a breach to limiting the impact if a breach occurs.


Rapid detection and response are a clear focus, and organizations are spending time and money to manage growing security responsibilities, including operating a monitoring infrastructure, investigating alerts, and responding to incidents. Without this investment, organizations risk missing requirements necessary for regulatory compliance and missing the warning signs of incidents while they are in progress. Critical Insight has identified four options to manage detection and response:


  • Do nothing and accept the risk of breach
  • Assign security event review, investigation, and response tasks to existing IT staff
  • Build and staff an in-house security operations center (SOC) to manage the day-to-day elements of detection and response
  • Hire a trusted third party to provide the detection and response capabilities of a mature SOC


In this paper, we compare these four options and consider benefits and
costs. We cover the necessary elements of a functional SOC, including human resource and capital investments and the operational expenses that go with it. We use data from our direct experience building a SOC, along with expectations for a representative organization. The pros and cons of building a SOC or contracting for SOC capabilities from a trusted 3rd party provider.



In conclusion, we illustrate how outsourcing SOC operations to a trusted third-party provider can save an organization 80% relative to building an in-house SOC.

Get the Full Story

Download white paper

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Critical Insight contact background

Talk to one of our cybersecurity experts

245 4th St Ste 405Bremerton, WA 98337

Looking for careers?

View all job openings

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.