
EP187 Conquering SOC Challenges: Leadership, Burnout, and the SIEM Evolution
08/26/24 • 29 min
Guest:
- Nicole Beckwith, Sr. Security Engineering Manager, Threat Operations @ Kroger
Topics:
- What are the most important qualities of a successful SOC leader today?
- What is your approach to building and maintaining a high-functioning SOC team?
- How do you approach burnout in a SOC team?
- What are some of the biggest challenges facing SOC teams today?
- Can you share some specific examples of how you have built and - probably more importantly! - maintained a high-functioning SOC team?
- What are your thoughts on the current state of SIEM technology? Still a core of SOC or not?
- What advice would you give to someone who inherited a SOC? What should his/her 7/30/90 day plan include?
Resources:
- EP180 SOC Crossroads: Optimization vs Transformation - Two Paths for Security Operations Center
- EP181 Detection Engineering Deep Dive: From Career Paths to Scaling SOC Teams
- EP58 SOC is Not Dead: How to Grow and Develop Your SOC for Cloud and Beyond
- EP64 Security Operations Center: The People Side and How to Do it Right
- EP73 Your SOC Is Dead? Evolve to Output-driven Detect and Respond!
- EP26 SOC in a Large, Complex and Evolving Organization
- “The first 90 days” book
Previous Episode

EP186 Cloud Security Tools: Trust the Cloud Provider or Go Third-Party? An Epic Debate, Anton vs Tim
Guests:
- A debate between Tim and Anton, no guests
Debate positions:
- You must buy the majority of cloud security tools from a cloud provider, here is why.
- You must buy the majority of cloud security tools from a 3rd party security vendor, here is why.
Resources:
- EP74 Who Will Solve Cloud Security: A View from Google Investment Side
- EP22 Securing Multi-Cloud from a CISO Perspective, Part 3
- EP176 Google on Google Cloud: How Google Secures Its Own Cloud Use
- “The cloud trust paradox: To trust cloud computing more, you need the ability to trust it less” blog
- “Snowcrash” book
- VMTD
Next Episode

EP188 Beyond the Buzzwords: Identity's True Role in Cloud and SaaS Security
Guest:
- Dor Fledel, Founder and CEO of Spera Security, now Sr Director of Product Management at Okta
Topics:
- We say “identity is the new perimeter,” but I think there’s a lot of nuance to it. Why and how does it matter specifically in cloud and SaaS security?
- How do you do IAM right in the cloud?
- Help us with the acronym soup - ITDR, CIEM also ISPM (ITSPM?), why are new products needed?
- What were the most important challenges you found users were struggling with when it comes to identity management?
- What advice do you have for organizations with considerable identity management debt? How should they start paying that down and get to a better place? Also: what is “identity management debt”?
- Can you answer this from both a technical and organizational change management perspective?
- It’s one thing to monitor how User identities, Service accounts and API keys are used, it’s another to monitor how they’re set up. When you were designing your startup, how did you pick which side of that coin to focus on first?
- What’s your advice for other founders thinking about the journey from zero to 1 and the journey from independent to acquisition?
Resources:
- EP162 IAM in the Cloud: What it Means to Do It 'Right' with Kat Traxler
- EP127 Is IAM Really Fun and How to Stay Ahead of the Curve in Cloud IAM?
- EP166 Workload Identity, Zero Trust and SPIFFE (Also Turtles!)
- EP182 ITDR: The Missing Piece in Your Security Puzzle or Yet Another Tool to Buy?
- “Secrets of power negotiating” book