The Cyber Ranch Podcast

What We’re Doing Wrong in the SOC w/ Yaron Levi

Jan 26, 2022

Yaron Levi and Allan discuss SOC challenges, hypothesis-driven data analysis, business objectives, and the importance of context in threat detection. They highlight the need for structured approaches, threat modeling, and the value of trust in cybersecurity operations.

29:46

Creator website

Episode guests

Yaron Levi

AI Summary

Highlights

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

Starting with a hypothesis can revolutionize SOC management by proactively sifting data to mitigate cyber threats.

Context-rich data is crucial in alert management to prevent crucial threats from being overlooked or misinterpreted.

Deep dives

Building Robustness in the System to Handle Black Swan Events

It's crucial to build robustness into systems to mitigate the impact of black swan events, such as cyber attacks. By starting with a hypothesis and sifting data to support or disprove it, a radical departure from traditional SOC management can yield significant results. This approach emphasizes proactive measures and preparedness to address unforeseen challenges.

Effective Threat Detection

01:30

Being Anti-Fragile: Tying Cybersecurity to Business Outcomes

01:26

Building Trust Leads to Success

01:23

Introduction

2min

Enhancing Threat Detection in Security Operations Centers

4min

Building Hypotheses and Strengthening Security in Cyber Operations

9min

Navigating SOC Challenges, Sponsor Message, Business Outcomes, and Threat Modeling Importance in Healthcare

3min

Prioritizing Patient Protection and Storytelling in Cybersecurity Operations

8min

The Value of Building Trust in Cybersecurity

3min

Allan is joined by Yaron Levi, CISO at Dolby, to talk about the SOC and why we are going about it all wrong. Allan and Yaron identify and examine the three main areas of concern: the data, the analyst, the analysis – and how to improve upon them. Lastly, Yaron shares his thoughts on what steps and approaches need to be taken in order to successfully accomplish the SOC’s goal.

Key Takeaways:

01:35 Bio

02:36 What are we doing wrong in the SOC?

06:54 Hypothesizing

11:22 How much gets left out when we make a hypothesis?

13:42 Anti-fragility & business outcomes

16:30 Business objective + threat model example

21:09 Lead with the why/ downstream applications

27:06 What outside influence has helped you inside cyber?

Learn more about Yaron on Twitter and LinkedIn

Follow Allan Alford on LinkedIn and Twitter

Purchase a Cyber Ranch Podcast T-Shirt at the Hacker Valley Store

Learn more about Hacker Valley Studio and The Cyber Ranch Podcast

Sponsored by our good friends at Axonius

Remember Everything You Learn from Podcasts

Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.

The Cyber Ranch Podcast

What We’re Doing Wrong in the SOC w/ Yaron Levi

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Building Robustness in the System to Handle Black Swan Events

Challenges Faced in SOC Operations

Contextual Relevance in Alert Handling and Analysis

Implementing Hypothesis-Driven Approach in Threat Detection

Effective Threat Detection

Being Anti-Fragile: Tying Cybersecurity to Business Outcomes

Building Trust Leads to Success

Remember Everything You Learn from Podcasts