This forum uses cookies
This forum makes use of cookies to store your login information if you are registered, and your last visit if you are not. Cookies are small text documents stored on your computer; the cookies set by this forum can only be used on this website and pose no security risk. Cookies on this forum also track the specific topics you have read and when you last read them. Please confirm whether you accept or reject these cookies being set.

A cookie will be stored in your browser regardless of choice to prevent you being asked this question again. You will be able to change your cookie settings at any time using the link in the footer.

Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
How to set maturity and capability targets
Hi Anders,

Sorry for the late reply.

Determining where to set the target is a strategic decision. I personally believe that the appropriate capability and maturity level for a SOC depends on:
- ambition: what goals are you trying to achieve with the SOC?
- risks: what risks are you facing as an organisation and what role does the SOC have in mitigating those risks?
- organisational maturity level: how mature is the organisation? Having a mature SOC in an organisation with low overall maturity will create a mismatch.
- threats: what threats are you protecting against and what capabilities do you need to protect against these threats? This also depends on the profile of the threat actors you are facing and will change over time.
- willingness to invest in maturity. Maintaining a higher level of maturity requires more effort. Thus, more personnel is required.

All these are factors that contribute to setting your target.


Messages In This Thread
RE: How to set maturity and capability targets - by robvanos - 09-09-2021, 01:28 PM

Forum Jump:

Users browsing this thread: 1 Guest(s)