Security Operations Center Guidebook A Practical Guide for a Successful SOC 1st edition by Gregory Jarpey, Scott McCoy ISBN 0128036575 9780128036570

Part I: Developing Your Security Operations Center (SOC)

1. Chapter 1: What is a Security Operations Center?

   • Abstract
   • Third Party
   • Hybrid
   • Dedicated
   • Historical Lessons

2. Chapter 2: Needs Assessment

   • Abstract
   • Risk Assessment
   • Types of Companies
   • Additional Considerations
   • Historical Lessons

3. Chapter 3: Business Case

   • Abstract
   • Example
   • Historical Lessons

4. Chapter 4: Building Your SOC

   • Abstract
   • Workstations
   • Historical Lessons

5. Chapter 5: Staffing Options

   • Abstract
   • Training
   • Career Progression
   • Retention
   • Historical Lessons

Part II: Operations

6. Chapter 6: Responsibilities and Duties

   • Abstract
   • Introduction
   • Welcome to the SOC—You Have an Important Role
   • Mission Statement
   • SOC Job Description
   • Sample SOC Job Description
   • Hiring and Interviewing Your SOC Candidate
   • Sample Interview Questions for a SOC
   • Staffing and Schedule
   • Sample Three-Week Rotation
   • Supervisory Authority
   • Staff Responsibility
   • Historical Lessons

7. Chapter 7: Post Orders and Procedures

   • Abstract
   • Introduction
   • Setting Up Your Post Orders
   • Create a Shared Email Address for Security Inquiries and Requests
   • Performance of Duties
   • Example Post Order Table of Contents Setup and Their Purpose
   • Site Procedures
   • Historical Lessons

8. Chapter 8: Training Programs

   • Abstract
   • Introduction
   • Getting Started
   • New Hire Training Schedule
   • Individual Training Checklist
   • Monthly, Quarterly, and Annual Training
   • Historical Lessons

9. Chapter 9: Enterprise Access Control

   • Abstract
   • Introduction
   • Setting Up Your Physical Access Control System
   • Operator Permissions
   • Card Access Programming and Control
   • Setting Up and Controlling Your Restricted Areas Access
   • Creating a Restricted Area
   • Access Control Matrix
   • Site Access Control
   • System Status Checks
   • Troubleshooting
   • Historical Lessons

10. Chapter 10: Alarm Monitoring

    • Abstract
    • Introduction
    • Physical Access Control System (PACS) or Intrusion Detection System (IDS) Alarms
    • Alarm Instructions
    • Receiving Alarms
    • How an Alarm is Handled Depends on the Three Steps of Assessment
    • Response
    • Mechanical Alarms
    • Panic Alarms
    • Reduce Your False Alarms
    • Historical Lessons

11. Chapter 11: Enterprise Video Surveillance

    • Abstract
    • Introduction
    • Operator Permissions
    • Setting Up Your Video Monitoring System
    • Remote Video Patrol
    • Alarm Response
    • Investigative Support
    • Civil Disturbance: Strikes, Protests, or Demonstrations
    • Daily System Status Checks
    • Historical Lessons

12. Chapter 12: Working with Your Vendors

    • Abstract
    • Introduction
    • Scope of Work
    • Your Company Profile
    • Account Management
    • Installation or Service Work Responsibilities for the Vendor
    • Your Company Responsibilities
    • Security System Descriptions
    • Change Orders
    • Project Completion or Site Commission
    • Service Calls and Work Orders
    • Historical Lessons

13. Chapter 13: Incident Reporting

    • Abstract
    • Introduction
    • Confidentiality
    • You Must Have an Electronic Incident Report Form
    • You Need a Centralized Database
    • Different Modes of Incident Reporting
    • Historical Lessons

14. Chapter 14: Communication Plan

    • Abstract
    • Introduction
    • Communicating Corporatewide
    • Notification Lists Also Known as Call Trees
    • Mass Notification Alert System
    • Mass Notification Alert Authorization Lists
    • SOC’s Positive Response to an Alert Request Equals Regular Training
    • Historical Lessons

15. Chapter 15: The Emergency Operations Center

    • Abstract
    • Introduction
    • Why the SOC is the Place for Your EOC
    • No One Size Fits All
    • Historical Lessons

Part III: Making the SOC an Integral Part of Your Company

16. Chapter 16: Customer Service is Key

    • Abstract
    • Introduction
    • What Does Your Company Need from Security?
    • Set the Expectations
    • Mistakes Will Happen—Own Them, Fix Them, Follow Up, and Move On
    • Historical Lessons

17. Chapter 17: Metrics

    • Abstract
    • Introduction
    • Incident Reports
    • Types of Metrics
    • Phone Stats
    • Performance Metrics
    • Service Level Agreements
    • Historical Lessons

18. Chapter 18: Developing Partnerships

    • Abstract
    • Introduction
    • Start from Within
    • The Most Obvious Partners—Safety and Facilities
    • Information Technology (IT) Department
    • Law Enforcement Agencies and Officers
    • Vendors—Yes, Vendors Too
    • Historical Lessons

19. Chapter 19: Brand Awareness

    • Abstract
    • Introduction
    • One-Stop Shop
    • What is Your Brand?
    • The SOC is Your Brand
    • Advertising Your Brand
    • Rome Was Not Built in a Day
    • Historical Lessons

20. Chapter 20: Continuous Improvement

    • Abstract
    • Introduction
    • Pick Your Points
    • Get a Black Belt or Become One
    • Historical Lessons