Few weeks ago, I was invited to the ICS Arabia Podcast, along with my colleagues with whom I worked on the SOC-CMM Whitepaper - Assessing and Maturing OT SOCs. During the recording, we discussed how organizations may approach Security Operations in industrial and OT contexts. If this topic interests you, you may find the resulting ICS Arabia Podcast episode, which was published yesterday, on YouTube...

To slightly paraphrase Peter Drucker’s famous quote, one can’t manage what one can’t measure. This – of course – holds true even for Computer Security Incident Response Teams (CSIRTs) and Security Operations Centers (SOCs). The only question is, how can we “measure” what they do in a meaningful way? This is what we will discuss in this article...