01-22-2020, 04:13 PM
Hi Hemza,
The idea behind the SOC-CMM is the differentiation in 5 domains: people, process, technology as the standard 'triad', augmented with business and services. Service is about the services delivered by the SOC. Business is about alignment with the business. Understanding business drivers is an important part. The business drivers dictate why the SOC exists. There must have been some driver or incident that made the board decide to invest in the deployment of a security operations center. For an MSSP, it can also be a business decision or by demand from the MSSP customers.
I hope this helps. If you have any additional questions, please let me know.
Regards,
Rob.
The idea behind the SOC-CMM is the differentiation in 5 domains: people, process, technology as the standard 'triad', augmented with business and services. Service is about the services delivered by the SOC. Business is about alignment with the business. Understanding business drivers is an important part. The business drivers dictate why the SOC exists. There must have been some driver or incident that made the board decide to invest in the deployment of a security operations center. For an MSSP, it can also be a business decision or by demand from the MSSP customers.
I hope this helps. If you have any additional questions, please let me know.
Regards,
Rob.