How to Select Your New SOC Provider
Scope and align to your business requirements and avoid the most common mistakes.
Whether you are considering outsourcing your Security Operations Centre (SOC), or you are in the middle of the process, Improsec provides independent advice to guide you through the process.
Product
Depending on where you are in the process, the deliverables are:
A scoping workshop where we illustrate and discuss the components of a Security Operation Center (SOC), their internal & external dependencies, deliverables, and requirements. The goal of this workshop is a clearly defined scope which matches your business requirements - to be used for the RFP process.
Requirements and questions for your Request for Proposals (RFP) document you send to bidders. We ask the right questions, formulated in the right way, to make sure you can adequately measure the maturity of the bidders and their services.
Independent analysis and assessment of the proposed services based on the RFP responses.
Value
What kind of SOC capabilities fit your needs?
What questions should you ask in your RFP - to make sure you get the right answers?
What are the pitfalls and how to best avoid them?
How do you measure and compare potential SOC providers
Method
We analyse and advise based on our extensive experience from both the defensive and the offensive side, as well as industry best practices. Having experience from many previous outsourcing engagements, we know the potential pitfalls - and how best to avoid them. The majority of our input to the RFP are formulated as open questions and “user stories” known from agile development. This enables you to better measure the received proposals compared to a classic [Yes/No/ Comments] questionnaire approach.
Involvement
Through a close dialogue we will, together, agree on scope and content.