HP - State of Security Operations 2016.pdf

HP State of Security Operations 2016

Report on the maturity and challenges of security operations centers in 2016.

This page contains AI-generated content. Errors or omissions may be present. Use human-level critical thinking.
  • Q: How did the overall security operations maturity change from 2014 to 2015 according to the report?
    A: It declined year-over-year, dropping from a global median of 2.21 to an estimated lower figure (implied challenge in keeping pace).
  • Q: What specific trend explains the decline in SOC maturity despite increased investment?
    A: The rapid transformation of IT to hybrid models (cloud, mobile, IoT) combined with the professionalization of the attacker community outpaced defensive maturity.
  • Q: Which capability gap was identified as the most critical 'missing link' in 2015?
    A: The lack of 'Hunt Teaming' capabilities to proactively identify threats that evaded automated detection.
  • Q: What is the '5th Generation SOC' (5G/SOC) characterized by?
    A: A shift towards analytics, big data, intelligence-driven methodology, information sharing, and a focus on the human adversary.
  • Q: In the maturity model used, what level represents a 'Defined' process?
    A: Level 3, where security operations are proactive, repeatable, and documented.
  • Q: Which industry vertical showed the highest maturity in the 2016 report?
    A: The Technology sector, often surpassing Finance in certain operational areas.
  • Q: What is the recommended ratio of 'People' vs. 'Technology' investment for a mature SOC?
    A: The report suggests a balanced approach but highlights that many organizations over-invest in technology while under-investing in the skilled people needed to run it.
  • Q: How does the report define the 'Detection Deficit'?
    A: The time delta between the initial compromise of an asset and the discovery of that compromise.
  • Q: What specific metric does the report suggest for measuring 'Business Alignment'?
    A: The percentage of critical business assets that are actively monitored by the SOC.
  • Q: What is the primary recommendation for organizations stuck at Maturity Level 1?
    A: Focus on establishing a formal mandate, defining core processes, and achieving basic visibility before purchasing advanced analytics tools.
