A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Subscribestar or Patreon

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Departmentalizing Your SecOps - Tom Gorup (Circle City Con 2015 Videose 2015) (Hacking Illustrated Series InfoSec Tutorial Videos)

Departmentalizing Your SecOps
Tom Gorup

Circle City Con 2015

Security Operations Centers tend to encompass a 'Jack of all trades, Master none' type of setup. Security Analysts are required to learn different skills and procedures on-the-fly to meet expectations from other teams throughout the organization. This results in SOC's over promising and under delivering when the rubber meets the road. Security Operations needs to be broken out similarly to that of traditional IT teams. With each team encompassing different level of analysts specializing in skills and technologies. During this presentation I will be discussing current team (SOC and IT) layouts, why it's not working, and how Security Operations should be broken out. This presentation will also touch on ensuring teams also maintain the true Purple Team concept (mesh of blue team and red team players). Security teams are spread too thin within the organization and a shift must occur to ensure security is properly delivered.

Bio: Tom Gorup was an Infantry squad leader in the U.S. Army serving in Iraq and Afghanistan where he received the Purple Heart. After the Army, Tom joined Rook Security as a security analyst and quickly progressed to his current position of SECOPs Manager. In this role, Tom oversees the monitoring, scanning, and incident response for hundreds of enterprise-level companies. Additionally, Tom has spearheaded the transition into 24x7 operations and incorporated ITIL best practices. Tom also worked on the development of multiple proprietary threat intelligence tools. Tom is GCIA certified as well as a participant in the GIAC mentor program and a member of the GIAC Advisory Board.

Back to Circle City Con 2015 Videos list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast