Security Operations Center – Deployment Models
The decision to build SOC in-house or in MSSP Cloud depend upon multiple parameters:
1) Is it compliance need to keep the data inside the organization only?
2) In case of in house SOC, are we ready to handle the overhead like compute requirements, resource management, training, resource retention, policies, procedures?
3) Do we have enough budget to get the SOC to build Business Case approved?
4) Are we ready to replace the technology, security controls with latest technologies whenever needed during operation?
5) Are we prepared to build SOC on the requirement framework for continuous improvement until it gets mature?
Once we understand these dynamics in detail, then it will be easy to decide which model is good for us.