Regions icon
Membership icon
Certification icon

CREST releases new guide to Security Operations Centres

Timely release of new guide aims to demystify the purpose, role and function of Security Operations Centres.

CREST, the global not-for-profit community of cyber security businesses and professionals working to keep our information safe in a digital world, today launches a new report into Security Operations Centres (SOCs).

The CREST “What is a Security Operations Centre?” guide is a chance for everyone with an interest in cybersecurity to gain a better understanding of what a SOC is, what it does, and the different types of security operations centres.

The report is one of several produced by the organisation to help build capacity and consistency in the cyber security industry, aimed at companies and individuals who need to understand the growing importance of a SOC in an organisation.

As the average cost of a data breach reaches US$4.24m, and average time to respond, identify and contain a breach is 287 days, there is a clear and urgent need for organisations to step up and take control of the ever-evolving threat landscape.  A Security Operations Centre is still a relatively new term, so CREST felt it appropriate to define the term and scope with a new Guide.

Nick Benson, CREST CEO, says: “This latest guide in our regular pipeline of such reports offers the chance for organisations to better understand the scope, role and positioning of a SOC. We would like to thank the CREST SOC committee, made up of global cyber security professionals for their invaluable help in compiling the Guide. We hope the guide provides an easily accessible and understandable guide relating to when, why and how to set up a SOC in your organisation.”

The 20-page free Guide is now available to download at: https://www.crest-approved.org/research-and-reports/. It covers what a SOC is and why you need one; when and how to create one, the functions, activities and advantages of a SOC; the different types of SOC and the types of people required to work within a SOC.

Leigh Collett, Chair of CREST SOC Focus Group, adds: “Not only is it important to understand what a SOC is, it’s also important to know that they have been independently evaluated. CREST SOC accreditation provides organisations that confidence.”

In 2021, CREST received a grant of US$1.4 million from the Bill & Melinda Gates Foundation to help increase cyber security capacity and cyber resilience in Bangladesh, Ethiopia, Indonesia, Kenya, Nigeria, Pakistan, Tanzania and Uganda.  This latest SOC Guide is one of many being created by CREST to assist in this enabling process.