BID® Daily Newsletter
Feb 8, 2021

BID® Daily Newsletter

Feb 8, 2021

Security Operations Center – Is It For You?

Summary: The average cost of a data breach in the US last year was $3.68MM and this number is only expected to get larger. Can a Security Operations Center (SOC) help your institution? We explore the options, including in-house, outsourcing, and SOC-as-a-Service to help guide you through this process.

Apparently, disappearing socks is no longer a mystery. One family took apart its washing machine when it was not functioning properly and found that socks had slipped through the thick rubber ring that allows you to tightly seal the door. According to a GE quality engineer, this can happen at high spinning speeds. While not a mystery, another type of SOC, Security Operations Center, is helping financial institutions deal with the head-spinning cost of cybercrime.
 
With new cyber threats emerging daily, you may be hearing more about SOC as a way to batten down the cybersecurity hatches. While this approach may not work for every institution, we provide you with some background and three options to consider.
 
At its core, a SOC is a round-the-clock team and facility focused on cybersecurity prevention, detection, and response. There are many different models, including a virtual SOC, a dedicated SOC, and a partially outsourced SOC, according to Gartner.
How a SOC can help
The benefits of a SOC can be tangible, if done correctly. For example, because the services are continuous and dedicated, there’s a better chance of an organization being able to prevent attacks and respond more efficiently to cyber threats, experts say.
The cost of SOC is high
But there can be significant challenges, including cost. Consider that organizations spend on average $2.86MM a year on their in-house SOCs, according to a survey from Respond Software and Ponemon Institute. Outsourcing was found to cost even more — a whopping $4.44MM annually. That said, this is the total cost for all institutions and it is expected to be lower for smaller institutions.
And costs of data breaches and cybercrime are high
So, is a SOC worth the high price and effort? The average total cost of a data breach in the U.S. was $3.86MM, according to a 2020 data breach report from IBM and the Ponemon Institute. Cost notwithstanding, 73% of survey respondents said their SOCs are a crucial element to their overall cybersecurity strategy.
Not only that, cybercrime is expected to only get worse. Cybersecurity Ventures predicts global cybercrime costs will climb 15% per year over the next 5Ys, reaching $10.5T annually by 2025, up from $3T in 2015.
The options – build in-house, outsource, or SOCaaS
  1. In-house option: Hiring the proper expertise is critical. To have the proper heft, your team will likely need to include a manager, a data analyst, a breach investigator, a responder, and an auditor, though multiple roles can be performed by the same person. 
  2. Outsourcing: Some providers tailor their services to smaller institutions. Adlumin, for instance, has been named an ICBA Preferred Service Provider and works with financial institutions ranging from $100MM to $20B in assets.
  3. SOCaaS (SOC-as-a-Service): This is where experts can do the heavy lifting while you pay a “subscription fee.” General services include managed firewall, intrusion detection, virtual private network, vulnerability scanning, and anti-viral services. But, more can be added, of course.
After all this, the best way to know if a SOC is right for your institution or not, is to dig a little deeper and do some more research. Tap into your current IT team to see what cybersecurity measures are already in place and which ones still may be needed. Then, you can make the right decision for your institution and your customers.
Subscribe to the BID Daily Newsletter to have it delivered by email daily.

Related Articles:

DORA as a Guideline for Heightened Cybersecurity
As European financial institutions prepare to adhere to the EU’s Digital Operational Resilience Act, CFIs may find value in using these rules and regulations to help shape cybersecurity initiatives.
API Security Helps Keep Your Data Safe
APIs are a standard part of every CFI’s technical tool kit. They’re also a potential opening for cyberthieves. API security measures can help keep CFI data safe.