![Page 1: Getting the Board’s Buy-In Through SOC Metrics...implementation, and building and managing Security Operations Centers (SOC). Former, Head of US-CERT Former, Chief IT Security Technologist,](https://reader034.vdocuments.site/reader034/viewer/2022042221/5ec7e21e4d6ec5103c1fa84a/html5/thumbnails/1.jpg)
Copyright MKA Cyber © 2017. All rights reserved.
Getting the Board’s Buy-In Through SOC Metrics Mischel Kwon, CEO
MKACyber
![Page 2: Getting the Board’s Buy-In Through SOC Metrics...implementation, and building and managing Security Operations Centers (SOC). Former, Head of US-CERT Former, Chief IT Security Technologist,](https://reader034.vdocuments.site/reader034/viewer/2022042221/5ec7e21e4d6ec5103c1fa84a/html5/thumbnails/2.jpg)
2
Not your average Data Center IT anymore…
![Page 3: Getting the Board’s Buy-In Through SOC Metrics...implementation, and building and managing Security Operations Centers (SOC). Former, Head of US-CERT Former, Chief IT Security Technologist,](https://reader034.vdocuments.site/reader034/viewer/2022042221/5ec7e21e4d6ec5103c1fa84a/html5/thumbnails/3.jpg)
3
Current Cyber Threats
![Page 4: Getting the Board’s Buy-In Through SOC Metrics...implementation, and building and managing Security Operations Centers (SOC). Former, Head of US-CERT Former, Chief IT Security Technologist,](https://reader034.vdocuments.site/reader034/viewer/2022042221/5ec7e21e4d6ec5103c1fa84a/html5/thumbnails/4.jpg)
4
Current Cyber Attacks
![Page 5: Getting the Board’s Buy-In Through SOC Metrics...implementation, and building and managing Security Operations Centers (SOC). Former, Head of US-CERT Former, Chief IT Security Technologist,](https://reader034.vdocuments.site/reader034/viewer/2022042221/5ec7e21e4d6ec5103c1fa84a/html5/thumbnails/5.jpg)
5
Change in Use – Change in Risk
• Digital Revenue
• Societal Use
- Social Media
- New Outlets
- Elections
• Operational II
- Medical Devices
- Transportation
- Communication
• Cloud and Outsourced Application
• Mobile Devices and BYOD
• Supply Chain
- Chips
• Communications
• Data Storage and Processing
• In House Applications
• Desktops
• Data Centers
![Page 6: Getting the Board’s Buy-In Through SOC Metrics...implementation, and building and managing Security Operations Centers (SOC). Former, Head of US-CERT Former, Chief IT Security Technologist,](https://reader034.vdocuments.site/reader034/viewer/2022042221/5ec7e21e4d6ec5103c1fa84a/html5/thumbnails/6.jpg)
6
What Makes you Vulnerable – Why?
• Lack of Threat Understanding
• Lack of Visibility
• Lack of Patching
• Weak Security Controls
• Antiquated Technology
• Unclear Cloud Role
• Un-managed Outsourced Applications
• Poor Code
• Supply Chain
• Staffing
• Methodology
• Technology
• Tooling
• Relationships
• Contracts
How Do We Fix This?
![Page 7: Getting the Board’s Buy-In Through SOC Metrics...implementation, and building and managing Security Operations Centers (SOC). Former, Head of US-CERT Former, Chief IT Security Technologist,](https://reader034.vdocuments.site/reader034/viewer/2022042221/5ec7e21e4d6ec5103c1fa84a/html5/thumbnails/7.jpg)
7
Embracing the “C” level
![Page 8: Getting the Board’s Buy-In Through SOC Metrics...implementation, and building and managing Security Operations Centers (SOC). Former, Head of US-CERT Former, Chief IT Security Technologist,](https://reader034.vdocuments.site/reader034/viewer/2022042221/5ec7e21e4d6ec5103c1fa84a/html5/thumbnails/8.jpg)
8
Business Hierarchy, Priorities, Communication
BOARD OF DIRECTORS
BUSINESS UNIT
CIO / CISO
TECHNICAL MANAGEMENT
CEO
![Page 9: Getting the Board’s Buy-In Through SOC Metrics...implementation, and building and managing Security Operations Centers (SOC). Former, Head of US-CERT Former, Chief IT Security Technologist,](https://reader034.vdocuments.site/reader034/viewer/2022042221/5ec7e21e4d6ec5103c1fa84a/html5/thumbnails/9.jpg)
9
Business Unit Leader’s Priorities
RISK MANAGEMENT
PROFITABILITY ANALYSIS
FORECASTING
BUSINESS INTELLIGENCE
PERFORMANCE MANAGEMENT
BUSINESS UNIT
BUDGETING
STRATEGIC PLANNING
![Page 10: Getting the Board’s Buy-In Through SOC Metrics...implementation, and building and managing Security Operations Centers (SOC). Former, Head of US-CERT Former, Chief IT Security Technologist,](https://reader034.vdocuments.site/reader034/viewer/2022042221/5ec7e21e4d6ec5103c1fa84a/html5/thumbnails/10.jpg)
10 10
• Metrics are NO longer time to deliver, SLA-based
• Metrics should be a contribution to the P&L
• Metrics should always tie back to the balance sheet
• Statistics capture the
current status of what
you are measuring
• Metrics tell the story of
how well what you are
measuring is performing
STATISTICS
METRICS
Statistics vs. Metrics
![Page 11: Getting the Board’s Buy-In Through SOC Metrics...implementation, and building and managing Security Operations Centers (SOC). Former, Head of US-CERT Former, Chief IT Security Technologist,](https://reader034.vdocuments.site/reader034/viewer/2022042221/5ec7e21e4d6ec5103c1fa84a/html5/thumbnails/11.jpg)
11
Being a Participating Member of the Business Leadership Team
Be a
Business
Unit Leader
Show cost efficiency
Solution delivery remediation
High performing, transparent team
Just right – organized data, tooling, staff – just in time
Business
goal
![Page 12: Getting the Board’s Buy-In Through SOC Metrics...implementation, and building and managing Security Operations Centers (SOC). Former, Head of US-CERT Former, Chief IT Security Technologist,](https://reader034.vdocuments.site/reader034/viewer/2022042221/5ec7e21e4d6ec5103c1fa84a/html5/thumbnails/12.jpg)
12
Organize, Automate, Report, Improve, Protect
![Page 13: Getting the Board’s Buy-In Through SOC Metrics...implementation, and building and managing Security Operations Centers (SOC). Former, Head of US-CERT Former, Chief IT Security Technologist,](https://reader034.vdocuments.site/reader034/viewer/2022042221/5ec7e21e4d6ec5103c1fa84a/html5/thumbnails/13.jpg)
13
Mischel Kwon
CEO, MKACyber
Over 35 years of experience
in application development,
network architecture and
implementation, and building
and managing Security
Operations Centers (SOC).
Former, Head of US-
CERT
Former, Chief IT
Security Technologist,
Department of Justice
Founder, Cybersecurity
Diversity Foundation
![Page 14: Getting the Board’s Buy-In Through SOC Metrics...implementation, and building and managing Security Operations Centers (SOC). Former, Head of US-CERT Former, Chief IT Security Technologist,](https://reader034.vdocuments.site/reader034/viewer/2022042221/5ec7e21e4d6ec5103c1fa84a/html5/thumbnails/14.jpg)