CyberEd Board Profiles in Leadership: Elrich Engel, AMPWhat to Insource and Outsource Depends on Core Competencies
What security functions should be kept in house, and which ones should be outsourced?
See Also: The Importance of Proactive Security
The sands are shifting: the days of a fully in-house security operations center are probably gone now, says Elrich Engel, CISO and director of data and architecture at AMP, an Australian financial services company.
Engel says analysts aren't just monitoring and analyzing events from antimalware and firewalls, but myriad components that wouldn't make sense to completely insource. An organization needs to figure out what their core competencies are, which can help in developing their own hybrid model.
The capabilities and telemetry required to run a modern or next-generation SOC, including the likes of threat intelligence, threat hunting and in some cases also commercial threat feeds are all now widely considered core components of a SOC - all lends itself to a hybrid model," Engel says.
In this video interview with Information Security Media Group as part of CyberEdBoard's ongoing Profiles in Leadership series, Engel discusses:
- How the SOC is evolving with respect to insourcing and outsourcing;
- How hybrid models of delivering security are extending even to the endpoint;
- What organizations should consider when designing breach attack simulations .
Engel is CISO and director of data and architecture at AMP. He previously was the CISO for Vodafone Australia.
CyberEdBoard is the premier members-only community of executives and thought leaders in the fields of security and IT. Membership in Information Security Media Group’s CyberEdBoard provides executives with a powerful peer-driven collaborative ecosystem and library of resources to address complex challenges shared by CISOs and senior security leaders worldwide. Executive members use the CyberEdBoard engagement platform to further enhance their professional brands, create and exchange member-exclusive resources, obtain accredited education and content, contribute in the executive mentor marketplace and seamlessly connect with senior security peers and experts around the world.
Join the Community. The CyberEdBoard global community is accepting applications from qualified CISOs and senior security stakeholders. To submit your application for membership consideration, visit CyberEdBoard.io today.