To the professionals in the house. The organization where I work is looking to make a foray into cybersecurity services by launching a SOCaaS product. We currently provide managed services to multiple telcos and financial institutions. I took an interest in cybersecurity last year, consuming multiple books and video resources, and at the moment all I have to show for my pivot is the CompTIA Security+ certification, and now I've been tasked to lead this project. I feel grossly underqualified for this task and I am grasping at straws here. Any help, advice, and pointers would be deeply appreciated.
A couple of questions first…
1- For frameworks, do we go with NIST or CIS? Or do we just go the whole 10 yards and work towards getting ISO27001 certified?
2- For anyone who works in or manages a SOC: what are the essential technologies/tools, hopefully with some real-world products, that you think are critical to these operations? I know for SIEM we are looking at Wazuh or Security Onion, but that's about it.
3- What resources can I lay my hands on that would help expand my understanding of how to implement a SOCaaS project?