Good news ! Hackbusters community is waiting for you !
KnowBe4 has been running the HackBusters site for a few years now, providing you with trending IT security news. We are expanding it and have launched a new exciting online community! The forum is divided into four main topics or categories: Social Engineering, Ransomware, Phishing and Security Awareness Training. You are invited to be one of the first to join us at:

SOCs: Focus on Outcome, Not Process


Audit , Cybersecurity , Governance

SOCs: Focus on Outcome, Not Process IG: NRC Should Redefine Contract to Outsource Security Operation Centers Eric Chabrow (GovInfoSecurity) • January 21, 2016

Organizations, in defining the goals of their security operation centers administered by contractors, should focus on outcomes and not processes.

See Also: Roadmap for Identity Management in the Modern Organization

That's a conclusion of an inspector general's audit of the Nuclear Regulatory Commission issued earlier this month, which experts say also applies to other government agencies and businesses.

Like many organizations in and out of government, the NRC outsources to a third-party contractor - in this case, Dell Federal Services - operation of its SOC, which monitors its information networks for suspicious activity. The inspector general says a major problem with the approach the NRC takes is that the agency, in its contracts, defines processes the contractor should...(continued)

View All Trending Stories