Monitoring used to mean having a solution that detected events that were already known and recorded. Did it work? Yes, but it was incomplete: not infrequently, what we call zero-day threats, those that are new and different, ended up going unnoticed.
The concept of security was born decades ago. It inspired solutions that have evolved and become more complex in recent years. Today, environments are monitored around the clock, 24 hours a day, 7 days a week.
In addition, the most modern SOC solutions are based on comparisons that make it possible to quantify the risk that a threat represents for a given business. This analysis is aligned with the sector in which the company operates and the product and service it offers.
This SOC, which has earned the nickname 2.0, also doesn't depend on the client's ecosystem for monitoring and detection. Instead, it inspects network packets to find anomalous behavior. In other words, all data entering and leaving the corporate environment passes through the eyes of the SOC.
But is this limited to the company building? Is only the traffic entering and leaving the corporate network at headquarters monitored?
There have been updates. We transformed the SOC into what I like to call a Borderless SOC. It's a concept that has proved urgent during the coronavirus pandemic. How does it work?
Let's imagine that the company is a castle, that the SOC is the castle's defense, and that the residents need to do business beyond the walls. In our terms, that means working from home, in a coworking space or on the street using a cell phone. In that case, would the castle's assets be unprotected?
No.
The truth is that users exchange data everywhere these days. And the SOC concept has kept pace with people's behavior. Today, wherever the user is, our Borderless SOC reaches out and monitors.
And we don't just rely on extremely qualified people to do the job. Cybersecurity professionals are essential, but the truth is that threats multiply faster than the market trains people. That's why we rely on what we call Security Orchestration, a layer that unites various security resources, adding solutions and teams. We do all this because we understand that data today is a commodity, decisive for the growth of companies.
And in the third article in our series "The evolution of security in business", we're going to explain how people are divided up in the SOC. Here, we divide the team a little differently.