Cybersecurity Operations and Fusion Centers A Comprehensive Guide to SOC and TIC Strategy

"Cybersecurity Operations and Fusion Centers: A Comprehensive Guide to SOC and TIC Strategy" by Dr. Kevin Lynn McLaughlin is a must-have resource for anyone involved in the establishment and operation of a Cybersecurity Operations & Fusion Center (SOFC). Think of a combination cybersecurity SOC and cybersecurity TIC. In this book, Dr. McLaughlin, who is a well-respected cybersecurity expert and PhD holder, provides a comprehensive guide to the critical importance of having a SOFC and the various options available to organizations to either build one from scratch or purchase a ready-made solution. The author takes the reader through the crucial steps of designing a SOFC model, offering expert advice on selecting the right partner, allocating resources, and building a strong and effective team. The book also provides an in-depth exploration of the design and implementation of the SOFC infrastructure and toolset, including the use of virtual tools, the physical security of the SOFC, and the impact of COVID-19 on remote workforce operations. A bit of gamification is described in the book as a way to motivate and maintain teams of high performing and well-trained cybersecurity professionals. The day-to-day operations of a SOFC are also thoroughly examined, including the monitoring and detection process, security operations (SecOps), and incident response and remediation. The book highlights the significance of effective reporting in driving improvements in an organization's security posture. With its comprehensive analysis of all aspects of the SOFC, from team building to incident response, this book is an invaluable resource for anyone looking to establish and operate a successful SOFC. Whether you are a security analyst, senior analyst, or executive, this book will provide you with the necessary insights and strategies to ensure maximum performance and long-term success for your SOFC. By having this book as your guide, you can rest assured that you have the knowledge and skills necessary to protect an organization's data, assets, and operations.

Preface Part 1 Building and Deployment 1. Cybersecurity Operations & Fusion Center: Why Do You Need One. 2. Designing the Model. 3. Building the Core Team. Part 2 Tools & Operations 4. Infrastructure and Toolset. 5. Cybersecurity Operations & Fusion Center: Why Do You Need One. 6. Security Operations or SecOps. 7. Detection, Response and Remediation. Part 3 Reporting & Metrics 8. Reporting. 9. Metrics. Part 4 Leadership Alignment & Support 10. Alignment and Support. 11. Key Components of a Turnkey Solution. 12. Conclusion. Appendix A: Templates. Appendix B: List of Acronyms. Appendix C: References. Index.

Dr. Kevin Lynn McLaughlin, PhD, CISO, CISM, CISSP, PMP, ITIL Master, LSSBB, GIAC-GSLC, CRISC, is a highly accomplished cybersecurity expert with a diverse background in law enforcement, corporate security, and cybersecurity. He proudly served in the U.S. Army and was a U.S. Special Agent before making a significant impact in the world of corporate security. With over 39 years of experience in the field, Dr. McLaughlin has demonstrated his expertise in creating and leading three Global Cybersecurity Programs for Fortune 300 companies, establishing Global Security Operations Centers, and designing and implementing a Global Cybersecurity Architecture. He is a veteran in global cyber investigations, having led over 800 investigations, and is a skilled executive manager who has led Global Cyber and Corporate Security teams. Kevin is a highly sought after speaker, having spoken at RSA, and has advised Board of Directors on various cybersecurity topics. He is also an expert in executive protection and securing critical manufacturing, manufacturing, consumer goods, and healthcare environments.