8 Questions To Ask When Investing In SOC As A Service

Budget constraints, layoffs and an increasing shortage of cybersecurity talent are just a few reasons why you should explore SOC solutions for your clients. 

  • February 23, 2023 | Author: Allison Bergamo
Learn More about this topic

Article Key

Budget constraints, layoffs and an increasing shortage of cybersecurity talent mean that your clients are likely doing more with less. Having effective security measures in place is a non-negotiable. This is a great opportunity for you to explore SOC (Security Operations Center) services for your clients. The following are some guidelines and key questions to ask as you evaluate different services. 

What is SOC as a Service?

A SOC is a command center for monitoring the information systems that an enterprise uses for its IT infrastructure. This may include everything from the business’ websites, databases, servers, applications, networks, desktops, data centers and a variety of endpoints. There are a variety of SOC models, ranging from those that are 100 percent outsourced solutions to those that involve significant elements of the internal IT team.

  • Internal or dedicated SOC: In this model, your clients use their own personnel to staff a cybersecurity team.
  • Virtual SOC: The SOC typically works remotely and without a physical facility.
  • Global SOC: This refers to a group that oversees several other SOCs that may be spread across a region.
  • Co-managed SOC: Your client’s internal IT team joins forces with an outside vendor.

How Can a SOC Benefit Your Client’s Business?

A SOC can enhance your client’s security posture through nonstop monitoring and analysis. This results in a faster, more effective response to threats across the system. Threats are detected faster and triaged more effectively. This enables your client’s internal staff to focus on other strategic initiatives.

8 Questions to Ask SOC Services Vendors

1.     What is included in the service? 

Ask about the specific security services and technologies that are included as well as those that are not included.

2.     How does the vendor handle security incidents?

Don’t be afraid to get in the weeds with this question. Make sure you know all the details about the vendor’s incident response process including how they will communicate with you and your client, and what the expected resolution time is.

3.     What is the vendor’s expertise and experience?

Dig into the vendor’s qualifications and experience, including certifications, how they handled previous security incidents and the qualifications of the security analyst who will be working with you and your client. Don’t be afraid to ask for references.

4.     How is the service monitored and managed?

Get a clear understanding of the vendor’s process for monitoring the service and managing incidents. Specifically, ask how they ensure the quality and accuracy of their analysis.

5.     What is the vendor’s approach to security?

Make sure their philosophy and approach to security measures aligns with yours and your client’s.

6.     What is the vendor’s track record?

Have the vendor walk you through some successful security incidents that they handled as well as some that could have been improved upon.

7.     How does the vendor handle their customers’ data and privacy?

Zero in on how the vendor protects customer data and how they comply with relevant regulations such as HIPAA, PCI-DSS and more.

8.     What is the pricing and contract structure?

Get in writing the cost of the service, the terms of the agreement, any additional fees or charges.

Learn more about Fortinet’s security operations.

Related Content