Carson Zimmerman is currently a Cyber Security Operations Center (CSOC) engineering team lead with Microsoft. He has worked in and around CSOCs for about 15 years, holding roles in the CSOC ranging from tier 1 analyst to architect. Previously with MITRE, Carson wrote "Ten Strategies of a World-Class Cybersecurity Operations Center," which can be downloaded for free at http://bit.ly/1sKCOH9. He received a BS in Computer Engineering from Purdue University and an MS in Information Systems from George Mason University.
In this talk, Carson will decompose key metrics for the CSOC, with three consumers in mind: the CSOC itself, executives above the CSOC, and CSOC customers. The presenter will provide example metrics used by leading, mature CSOCs, and point out along the way where those metrics can boost positive outcomes when used wisely, or drive negative outcomes when used poorly. The audience will be able to directly apply these metrics and methods presented in this talk to their own shops. By measuring and reporting in this manner, overall CSOC performance, executive engagement, and customer engagement should improve.
