SIEM? SOC it to ‘em!

With the advent of GDPR and the increasing pressures on IT security, an outsourced and fully managed Security Operations Centre (SOC) seems to be the ideal solution for a hard-pressed IT department. The primary fear for Chief Information Security Officers (CISOs) within organisations, according to the Ponemon Institute survey “What CISOs Worry About in 2018” published in January 2018, is the lack of competent in-house staff, which over 70% of respondents cited as their top concern. Over 66% cited data breaches as their next largest worry and 59% named cyber-attacks as the third largest concern.


There is no such thing as an invulnerable IT system. Despite layers of protection, security is limited by the fluid nature of computing, with new vulnerabilities exposed on almost a daily basis. This, coupled with the new tools and techniques that bad actors use to compromise security, makes a SIEM system necessary to regularly challenge the network and maintain a constant risk assessment. A simple benefit of SIEM is the sanity check that each layered security element is actually doing its job. How do we know phishing attacks or viruses are not getting through?

Key within the GDPR articles are the reporting time constraints and the consequential forensic analysis required when providing testimony to the ICO on breaches, along with any conditional information needed to avoid the huge €20M fine or 4% of global turnover. This can be a problem for many companies, some of which find out about a breach many months after the data has been stolen and do not have the resources or technical knowledge to analyse just how and when it happened. With monthly SIEM services in place, any breaches can be immediately determined and the audit trail of circumstances clearly described to the Information Commissioner’s Office.

As Ponemon’s recent survey pointed out, the most prevalent threat is breaches caused by employee negligence. Despite the news-busting headlines, many breaches are caused by employees’ reliance on IT technology to fix on the fly any transgressions that staff cause. There is an expectation among employees that the organisations they work for will have security in place to protect them from causing any harm; a fantasy that creates the crucible for disaster. Employee ignorance of their responsibilities and negligence in their actions are the primary factors that cause the majority of breaches. From clicking links within emails to the improper configuration of a database, these are the factors that cause CISOs the largest concerns. Over 54% of CISOs regard employee negligence as a major factor in security threats, according to the survey.

Outsourced services such as N4Threat Detect, which is manned and managed from Node4’s SOC, located somewhere in the Midlands, provide the ideal solution to these worries. By providing constant Security Information and Event Management (SIEM) services, Node4 are able to proactively monitor and help protect organisations from a plethora of external and internal threats. It is inevitable that every company will experience a data breach at some level. With GDPR legislation becoming fully adopted this month, the trick will be to employ the tools and services that help meet compliance and avoid the time-related penalties.

It is clear that GDPR will be a key factor for many organisations looking at outsourced and fully managed SIEM services such as N4Threat Detect. Organisations that can afford the cost and skill levels needed to maintain their own SIEM systems will still be at a disadvantage compared with customers of Node4’s Threat Detect, as the service sees trends across a variety of customer platforms and can act upon consolidated intelligence gleaned in real time for all their customers. Node4 have invested heavily over the past two years in establishing SOC services to provide a high level of responsiveness, which would be difficult and expensive for customers to provide themselves but, because of Node4’s investment, is provided for a cost-effective monthly fee. If you would like more details of Node4’s SOC services please contact