1st Edition
Cybersecurity Operations and Fusion Centers A Comprehensive Guide to SOC and TIC Strategy
Preface
About the Author
Part I. Building and Deployment
1. What Is a Cybersecurity Operations and Fusion Center (SOFC) and Why Do You Need One?
2. Designing the SOFC Model
3. SOFC: Building the Core Team
Part II. Tools and Operations
4. SOFC Infrastructure and Toolset
5. Cybersecurity Operations and Fusion Center: Daily Operations
6. Foundations of Security Operations or SecOps
7. Detection, Response, and Remediation
Part III. Reporting and Metrics
8. SOFC Reporting
9. SOFC Metrics
Part IV. Leadership Alignment and Support
10. SOFC Alignment and Support
11. Key Components of a Turnkey SOFC
12. Conclusion
Appendix: Templates and Resources
Index
Biography
Dr. Kevin Lynn McLaughlin, PhD, CISO, CISM, CISSP, PMP, ITIL Master, LSSBB, GIAC-GSLC, CRISC, is a highly accomplished cybersecurity expert with a diverse background in law enforcement, corporate security, and cybersecurity. He proudly served in the U.S. Army and was a U.S. Special Agent before making a significant impact in the world of corporate security. With over 39 years of experience in the field, Dr. McLaughlin has demonstrated his expertise in creating and leading three Global Cybersecurity Programs for Fortune 300 companies, establishing Global Security Operations Centers, and designing and implementing a Global Cybersecurity Architecture. He is a veteran in global cyber investigations, having led over 800 investigations, and is a skilled executive manager who has led Global Cyber and Corporate Security teams. Kevin is a highly sought after speaker, having spoken at RSA, and has advised Board of Directors on various cybersecurity topics. He is also an expert in executive protection and securing critical manufacturing, manufacturing, consumer goods, and healthcare environments.
