Security Operations Center Guidebook: A Practical Guide for a Successful SOC provides everything security professionals need to create and operate a world-class Security Operations Center. It starts by helping professionals build a successful business case using financial, operational, and regulatory requirements to support the creation and operation of an SOC. It then delves into the policies and procedures necessary to run an effective SOC and explains how to gather the necessary metrics to persuade upper management that a company's SOC is providing value.
This comprehensive text also covers more advanced topics, such as the most common Underwriter Laboratory (UL) listings that can be acquired, how and why they can help a company, and what additional activities and services an SOC can provide to maximize value to a company.
Gregory Jarpey works for Orbital ATK as the Security Operations Manager for Corporate Security. He has more than 20 years of security experience starting in the United States Army as an Infantryman. Greg has his Bachelor's degree in Business Management and received his PSP (Physical Security Professional) certification from ASIS in 2004. Greg has more than 15 years of experience managing Underwriter Laboratories (UL) certified Security Operation Center as a contractor for Xcel Energy and at Orbital ATK. Greg is a member of and contributor to the ASIS Protection of Assets manuals released in 2012. He hosted a local ASIS chapter meeting in 2010 by conducting a round table about SOC's. Scott McCoy has more than 30 years of risk management experience starting in the U.S. Army as an explosive ordnance disposal technician. Scott has spent nearly 20 years in corporate security management and received his CPP (Certified Protection Professional certification) from ASIS in 2002. He also received his Certified Information Systems Security Professional (CISSP) and Certified Business Continuity Professional (CBCP) certifications in order to better understand the disciplines of a converged security department, which he formed at Xcel Energy and Alliant Techsystems. He has a Master's degree in Management, and has five years' experience as an adjunct instructor teaching masters level courses in decision making, IT security and security management. He has presented at local and national ASIS conferences on background screening and metrics, and has published magazine articles and white papers on utility specific regulatory issues. In addition, he has contributed several chapters on IT security topics.
Introduction Part I - Developing Your Security Operations Center 1. What is a Security Operations Center? 2. Needs Assessment 3. Business Case 4. Building Your SOC 5. Staffing Options Part II - Operations 6. Responsibilities and Duties 7. Post Orders and Procedures 8. Training Programs 9. Enterprise Access Control 10. Alarm Monitoring 11. Enterprise Video Surveillance 12. Working with Your Vendors 13. Incident Reporting 14. Communication Plan 15. The Emergency Operations Center Part III - Making the SOC an integral part of your Company 16. Customer Service is KEY 17. Metrics 18. Developing Partnerships 19. Brand Recognition 20. Continuous Improvement