How to Build A Customized GSOC For Your Organization
A key theme coming out of ISC West this year was clear - the GSOC. That’s short for Global Security Operations Center. But what does a GSOC really look like, and how can it truly help your organization?
A GSOC (pronounced “gee-sock”) is designed to empower security personnel with a platform that delivers ongoing prevention, detection, protection, and mitigation of threats to an organization’s virtual and physical assets. Through this process, the system can uncover vulnerable areas, respond to potential threats and address any virtual or physical incidents occurring within your environment.
While many proclaim the GSOC to be the future of security, companies often perceive an advanced operations center to be much too expensive to build and implement. However, through the proper planning and technology, companies can lower risk and increase operational efficiency and situational awareness without an exponential cost increase.
Here are four steps to creating a customized GSOC for your organization:
Define The Goals: In order to outline what you want the GSOC to achieve for your organization, you should interview its stakeholders about what they expect from the GSOC. The importance of involving everyone, from your executives to your IT department, depends on your organization’s size and the GSOC’s purpose. This is where your CSO can lead the charge in coordinating the integration of physical and IT assets in order to create a holistic picture of your organization’s infrastructure.
Next, assess what the goals of your operations center will be. For instance, one objective could be to improve loss prevention techniques through monitoring supply chain management and efficiency. Another goal might be to lower overall company risk through creating better identity management processes, or helping tie together video surveillance from multiple company locations so they can be accessed at anytime from anywhere. Create a list of all needs from your operations center first, and then prioritize these goals among your key stakeholders. The ultimate goal, of course, is to increase collaboration and preempt risk in order to respond more proactively and effectively to growing security threats in the enterprise landscape.
Take Inventory of Current Technology Assets: Instead of immediately instigating a “rip and replace” methodology, take your current technology assets into account. This includes everything from monitors to cameras and employee access to areas within the building. Map out your current security technology to see if anything can be leveraged and integrated better than it is currently. By surveying the current landscape, you will be able to identify the holes within your security strategy and directly address those first.
A converged security approach means combining and leveraging data from all sources within your company, including cameras, sensors, access control, building management, alarms, identity management and even social media. From there you will be able to extract actionable information that can positively impact your organization from a security and financial perspective.
Find the Right Platform: There are many benefits to having an effective GSOC, including shortened response times, continuous monitoring, detailed analysis and actionable information. By accelerating innovative physical security platforms along with IT and cybersecurity methods, organizations can gain the analytical insights that are needed to address specific challenges. In order for an intricate system to work properly, you must have a system that can accurately collect and leverage Big Data.
Finding the right information management and correlation platform is essential to the GSOC. You should keep in mind the functions that the GSOC must perform when reviewing different platforms. These include security system administration, compliance, situational awareness capabilities (both within and outside of your organization) incident management, crisis communications and 24/7 monitoring. Once you lay out all of your organization’s needs, you can begin pricing and identifying which products is a priority.
Capabilities to Consider When Building A GSOC:
- Filtering and Correlation Rules
- Geospatial Special Recognition, Mapping and Visualization
- Routing
- Dispatch - Command & Control Communications
- Communications
- Device Management
- Document
- Mass Notification
- System Management
- 3D Mapping
- Incident Reports
- Asset Tracking
- Risk Management
- Post/Blue Force Tracking
- Real-time monitoring
- Case management
- Reporting
Most importantly, you have to consider your organization’s needs now - and in the long term. Make sure to prioritize your goals based on a forward-thinking plan.
Test Your Approach: Process-driven decision making is key to the success of your GSOC. Once you’ve defined your goals, reviewed your assets, chosen a platform and allocated appropriate resources, you can give your GSOC the green light. Be sure to train the operators or analysts who will run the platform on an on-going basis and to outline specific processes and procedures at the launch.
Through consistent planning and execution, you can leverage the integrated capabilities of a GSOC platform to deliver real, end-to-end solutions that can be fully adopted for a variety of applications and expand your security operational footprint so your company can thrive.
About the Author: James Chong is the CEO and Founder of Vidsys. Prior to becoming CEO in 2015, he served as CTO and Founder where his accomplishments included being selected into International Data Group’s “InfoWorld Top CTO 25” for his business management leadership and converged security technology innovation. Chong also helped coin and create the term “PSIM” back in 2006, which has evolved to become a new category within the security market. In 2014, he introduced the evolution of PSIM to CSIM and Internet of Things (IoT) solutions leveraging the web-enabled platform.