Protecting and defending against digital attacks requires visibility and control of the digital infrastructure within your organisation and of all the events taking place within this. An increasingly common way to achieve this is to implement a Security Operations Centre (SOC).

However, in order for a SOC to function successfully, it must be tied in with the business processes. This makes building a SOC a major challenge. Due to the many organizational and technical issues that come to mind when setting up a SOC, it may be difficult for a newcomer to find a correct approach. The NCSC-NL advices to start small and to grow along with the organisation’s need for insight.

This factsheet is aimed at Information Security Officers in organisations that wish to begin monitoring business information security.