Main Page
From Socology.org - The Study of Security Operations
Revision as of 04:53, 17 October 2018 by Frankangiolelli
Socology | The Study of Security Operations
Objective
The objective of socology is to provide the community with guidelines, frameworks and resources that improve Security Operations at a management and strategic level. While the framework can be used to evaluate your own Security Operations Center, it is designed as a guideline for improving those ratings.
Why create socology?
- Understand the Complexity - Security Operations is a highly complex and multifaceted portion of Cyber Security. We want SOCs to be successful.
- Implementation - Implementing, maturing and maintaining Security Operations goes beyond technology and tools.
- Guidelines - Socology is attempting to identify those dimensions and some guidelines to help you be successful.
- Lessons Learned - Lastly, in discussion with our Subject Matter Experts, common pain points and lessons learned have emerged which we feel would benefit the community to
While frameworks exist for Risk Management, like NIST [1], CMMI [2] and SOC-CMM [3], the Security Operations field has gaps in guidelines and frameworks for implementation. We are working to study, identify and fill in those gaps where possible.
While ITIL is an excellent resource for IT Operations, we argue it has gaps when applied to Security Operations.