Running a security operations center (SOC) in a hybrid environment is an ever-evolving challenge. Old SOC strategies are no longer enough to mitigate threats in the rapidly changing risk landscape, and old problems of inefficient security processes and small budgets are still looming.

Risk and security leaders must become more resilient, and during our Dataminr-sponsored discussion on September 16th, Optimizing Your SOC Playbook for the Future Hybrid Workforce, our expert panelists shared ways they’ve embraced remote collaboration, redefined processes, and developed scalable technology stacks that can handle threats in real-time.

Check out the some main takeaways from our 9/16 discussion:

1. Secure more corporate assets.

Chris Brozenick of Dataminr noted how, over the course of the COVID-19 pandemic, security footprints have changed in both size and type. With the shift to the remote workforce; assets, employees, and proprietary information have spread to more locations than ever. Gone are the days when security and risk leaders had to focus on only 15 or 20 corporate locations.

“You now have potentially 50,000, 100,000, or more individuals that are the core assets of your organization spread around the world,” Chris said. Security and risk leaders must figure out how to use novel tricks and processes to safely handle so many corporate assets.

2. Understand that today’s threats are not isolated incidents.

Robert Gummer of the NFL pointed out that with the diverse barrage of security hazards seen in the last 18 or so months, our understanding of threats has evolved. Both security teams and the public have realized that, whether risks are posed by medical emergencies or active shooters, none are isolated incidents.

“For the first time,” Robert said, “there was a public realization that all those events matter, they’re not isolated to the news cycle or to a certain segment of the world.” On the contrary, Robert observed, “all those things were at your doorstep, and they have a direct impact on your business and your day to day life.”

3. Combine cyber hazard and security teams.

Because cyber and physical threats so often overlap, said William Davis of Ally, cyber hazard teams and security teams must work together more closely. To that end, Ally has established a Fusion Center, a physical location where the two teams collaborate along with the fraud intelligence team.

4. Ensure remote communication.

Ross Armstrong of Columbia Bank stressed how vital it is that SOCs provide remote employees with the tools to communicate as effectively as they do in-person.

How? Ross says he likes to keep things simple. Unlike most security leaders, Ross said,“I don't have a huge GSOC. I have one person that monitors a lot of my stuff.”

5. Integrate new technology.

William said that when Ally considers incorporating new technology into its SOC, it examines how this technology will interact with the technology that Ally is already using.

The goal, William said, “is to provide a better product to deliver even more than it should out of the box, and then try to be as flexible as you can.”

Curious to learn more about the future of the SOC? Access the full event content by filling out the form at the top of this page.Curious to learn more about the future of the SOC? Access the full event content by filling out the form at the top of this page.