Acronyms Aside, the SOC of the Future Needs These 3 Capabilities

Every discipline has its acronyms, but I’d venture to say cybersecurity has more than its share. We use them to describe threat actors and how they operate, as well as different security teams, their certifications and the tools they use. There’s nothing wrong with acronyms, but when they are used to describe emerging solutions, an interesting phenomenon occurs…that new acronym becomes the next silver bullet technology that will solve all our security problems. Unfortunately, that never turns out to be true.

Acronyms and Promises

Let’s go back a decade to unified threat management (UTM) which Gartner defines as a converged platform of point security products, particularly suited to small and midsize businesses, with feature sets that fall into three main subsets: firewall/intrusion prevention system (IPS)/virtual private network, secure Web gateway security and messaging security. UTMs were supposed to address everything the network needed to stay secure, only they did not. So, next-generation firewalls (NGFWs) emerged to provide more customization for the unique needs of enterprises and even then, they did not become an end all, be all.