Should you build your own SOC or use one as a service?

You’ve done your homework and decided your company needs a Security Operations Center (SOC) to keep yourself protected and your customers’ data secure. You have a few options available: should you build your own SOC or find a provider for SOC as a service?

The benefit of having your own SOC is having your own SOC. Depending upon your needs you might need one, but there are quite a few problems here.

Big money for rare security talent

Good security people are hard to find and aren’t cheap. You’ll need to hire quite a few rare and expensive specialists if you want true 24/7/365 coverage, so be prepared for a long recruitment process. You will have high upfront capital costs of starting a new department in your company, and you will also need to worry about the running expenses. The overwhelming majority of corporations think it isn’t realistic to build their own SOC due to the costs.

Additionally, your own SOC will only handle incidents at your own company. Most likely this will not happen very often, so your experts will get rusty over time. A provider of SOC as a service will have a plethora of clients so will see what is happening in the threat landscape before it reaches you.

The corporate landscape is always changing, with mergers, acquisitions, strategic business decisions and the like. If your corporation makes a major change, your own SOC will need to change as well. Scaling up your SOC as your corporation changes is a painful and time-consuming process, which is another disadvantage.

Efficiency of SOC as a service

Going to a SOC provider like Basefarm means you are going to a professional who has already invested in the necessary staff, equipment and tools. They will have many other clients, so you get the benefit of their experience. Most likely they will also be heavily involved in the security industry, being members of various associations where they can hone their skills and pass along the latest knowledge. SOC as a service is probably also going to be much cheaper.

Building your own SOC v. contracting SOC as a service will come down to your company’s individual needs. It is quite possible that creating your own is the best option for you, but hiring an expert SOC provider makes more sense for the majority of firms. You get the skills, experience, industry contacts, continuous learning and efficiency at a lower cost, which is a pretty easy business case to make.

Read more about our SOC services HERE

This might interest you too:

What is a Security Operation Center and why do you need it?

How do you find the right SOC provider for your company? 


Author: Fredrik Svantes, Senior Information Security Manager, Basefarm

Fredrik Svantes is the Head of the Basefarm Security Operations department and has also lead the Basefarm Security Incident Response Team for the past seven years. Previously he has worked for companies such as Blizzard Entertainment, doing detective work on logs for massive online platforms running games such as World of Warcraft. Blog: Twitter: @fredriksvantes .