In the latest episode of the Cyber PMM Podcast, I sat down with cybersecurity expert Chris Crowley, a consultant at Montance LLC and an instructor at the SANS Institute. With over 20 years in the field, Christopher provides profound insights into the evolution of security operations (SecOps) and the challenges facing today’s cybersecurity landscape.
A Journey into Cybersecurity
Christopher Crowley’s journey into cybersecurity began in high school, where an early job in systems administration sparked his interest. His career took a significant turn while working at Tulane University, where he encountered various cybersecurity incidents, including compromising activities that attracted the attention of the FBI. These experiences, coupled with a major disaster recovery effort following Hurricane Katrina, equipped Christopher with unique insights into both cyber threats and disaster preparedness.
The State of Security Operations
As the episode delves into the state of security operations, Christopher Crowley discusses the evolution and importance of Security Operations Centers (SOCs). He emphasizes how SOCs have become a crucial part of cybersecurity strategy due to growing legal and contractual monitoring requirements. Christopher notes the significance of defining what a SOC does and understanding its capabilities, which has been an ongoing conversation within the industry.
Insights from the SANS SOC Survey
One of the highlights of the podcast is Chris’s discussion on the SANS SOC Survey, a research initiative he has been involved with for eight years. The survey seeks to provide an objective reference for cybersecurity professionals, offering insights into SOC practices and trends. Chris emphasizes the importance of creating a consensus on SOC functions and the value of maintaining consistent survey questions to track trends over time.
The Role of AI in SecOps
A key topic in the conversation is the role of Artificial Intelligence (AI) in security operations. While many organizations are exploring AI tools, survey results indicate that satisfaction levels are low. Chris suggests that while AI is increasingly implemented, it is crucial to manage expectations, as the technology has yet to meet the high expectations of security teams.
Retention and Satisfaction in SOCs
Chris addresses the challenges of retaining skilled SOC personnel, acknowledging the burnout associated with entry-level positions. The podcast touches on survey findings that indicate longer retention rates, with meaningful work increasingly recognized as a key factor in employee satisfaction. The conversation highlights the importance of not transforming analysts into machines and allowing them to engage with complex challenges, which enhances their job satisfaction and contributes to effective security operations.
Future of Security Operations
Looking ahead, Chris shares his vision for the future of security operations. He predicts an incremental improvement within SOCs, where AI will be integrated through vendor solutions, and automation will play a critical role in handling routine tasks. Chris foresees a future where tailored machine learning models, trained on specific organizational environments, will provide unique advantages in threat detection.
Tips for Aspiring SOC Analysts
For those aspiring to enter the field as SOC analysts, Chris emphasizes the importance of understanding IT fundamentals, cyber tools, and the threat landscape. He encourages leveraging free resources and continuous learning to build the necessary skills. Additionally, he advises product marketers to align their messaging with the needs of SOCs, focusing on customer knowledge and providing clear deployment guidance.
Get Involved
For cybersecurity professionals and organizations interested in the SANS SOC Survey, Chris encourages participation and exploration of the extensive resources available at http://soc-survey.com. This platform offers previous reports and insights into trends shaping the industry.
In closing, this insightful episode provides valuable perspectives on the challenges and advancements in security operations. As the field evolves, professionals like Chris Crowley continue to lead the charge in developing innovative solutions and fostering a deeper understanding of cybersecurity practices.