It’s not a new concept that a global security operations center (GSOC) has the potential to benefit organizations of any size. As leaders strive to protect people and assets in the midst of reduced on-site workforce numbers caused by the coronavirus pandemic, a centralized command center grows increasingly appealing.
The GSOC is where a variety of systems and solutions come together to provide a singular operational picture, mitigate threats and promote enhanced communication during any given situation or emergency incident, providing levels of insight that benefit all industries.
But what’s the process for building a GSOC that takes into account what a team has learned, present day challenges and the unknowns of the future?
Policy, Vision and Risk Assessment
As organizations grow, adopting new locations and expanding to provide more oversight over multiple facilities across a company, it’s critical to assess the risks faced as a result. This is the first step in moving toward providing more security management. From this critical first step, an organization can decide how its GSOC will fit into the overall picture and determine the role of security operators and analysts in the overall risk mitigation procedures.
Actively Assess Threats
Once a GSOC is established and security leaders identify the right people to employ as analysts and/or operators, the steps toward proactively engaging in and addressing incoming issues begins. Enterprise organizations are finding a lot of value in hiring analysts to oversee the day-to-day GSOC operations as a means to enable these individuals with the ability to adapt and make decisions from what they’re seeing. The result is less about addressing incidents as they happen and more about assessing the overall posture of the organization and having a strong ability to predict whether red flags exist and need to be addressed.
Designing a Space Conducive to This Goal
To ensure that analysts and operators are able to assess risks and make proactive decisions, a physical GSOC space must take into account the way information is presented to these individuals. At the basic level, workstations and overview video walls are critical parts of this effort, but there are far more design considerations to take into account, including:
- The ability to aggregate incoming data points and automate them into a display to create a common operational picture for operators.
- Ergonomic consoles used by operators to ensure line-of-sight for video wall observations.
- Noise filtering so that team members can speak to each other freely for collaboration and decision-making.
- The use of lighting and temperature management to encourage the comfort of operators.
- COVID-19 and related concerns around social distancing, enhanced air filtration and ensuring the health and safety of the GSOC team.
At its core, it’s critical for the GSOC to be aligned with whatever enterprise risk assessment is done for the organization and for the design of the space or retrofit to align initiatives with these points. For example, if a risk assessment names 10-15 things that are high-impact or named as a risk and the GSOC can address even a handful of these, that helps with “selling” a GSOC and the value it brings to the organization. Doing so sets the organization up for success as a necessary investment for the overall health of the company.
Access the full webinar “Building a GSOC for the Modern Enterprise” on demand at Security Magazine’s website here.