Security Operations , Security Operations Center (SOC)
Utilizing SOC Automation to Its Full Capacity
PLUS Malaysia’s Abdullah Al-Attas Talks About Getting SOC RightSOC automation capabilities need to be enhanced to go beyond performing routine tasks, says Abdullah Al-Attas, head of cybersecurity at PLUS Malaysia, an expressway service provider.
See Also: Corelight's Brian Dye on NDR's Role in Defeating Ransomware
“We have to enhance SOC automation, he says. "The technology in itself needs to be able to make decisions. Right now, a human has to come in and make a decision. So we need to shift some of those decision to the SOAR, and it will make the decisions for us based on certain thresholds we put in."
In a video interview with Information Security Media Group as part of its RSA Conference 2021 coverage, Al-Attas also discusses:
- Why SOC automation needs to improve;
- How to expand SOC capability beyond SIEM;
- What the SOC of today should look like.
As head of cybersecurity at PLUS Malaysia, Al-Attas ensures digital transformation built with security in mind. He also leads the deployment/building of the digital information security transformation focused on the cyber defense domain, including SOC, incident response and threat hunting. He has more than 14 years of experience working as a consultant and end user, mostly in the telco industry.