CyberEd Board Profiles in Leadership: Elrich EngelWhat to Insource and Outsource Depends on Core Competencies
What security functions should be kept in house, and which ones should be outsourced?
The sands are shifting: the days of a fully in-house security operations center are probably gone now, says Elrich Engel, CISO and director of data and architecture at AMP, an Australian financial services company.
Engel says analysts aren't just monitoring and analyzing events from antimalware and firewalls, but myriad components that wouldn't make sense to completely insource. An organization needs to figure out what their core competencies are, which can help in developing their own hybrid model.
The capabilities and telemetry required to run a modern or next-generation SOC, including the likes of threat intelligence, threat hunting and in some cases also commercial threat feeds are all now widely considered core components of a SOC - all lends itself to a hybrid model," Engel says.
In this video interview with Information Security Media Group as part of CyberEdBoard's ongoing Profiles in Leadership series, Engel discusses:
- How the SOC is evolving with respect to insourcing and outsourcing;
- How hybrid models of delivering security are extending even to the endpoint;
- What organizations should consider when designing breach attack simulations .
Engel is CISO and director of data and architecture at AMP. He previously was the CISO for Vodafone Australia.
CyberEdBoard is ISMG's premier members-only community of senior-most executives and thought leaders in the fields of security, risk, privacy and IT. CyberEdBoard provides executives with a powerful, peer-driven collaborative ecosystem, private meetings and a library of resources to address complex challenges shared by thousands of CISOs and senior security leaders located in 65 different countries worldwide.
Join the Community - CyberEdBoard.io.