WHO WE ARE
Our experts each have 20+ years of experience in the design, build, staffing, and operation of operations centers throughout the government, military, and commercial sectors. We can design stationary, mobile, and temporary field xOCs using best-of-breed tools, software, and techniques. We can also help teach the skills necessary to be an effective worker in an xOC.
As examples, our employees have worked on the design of the US/Canadian National Threat Operations Center, the Network Operations Center for CenturyLink, the Security Operations Center for DefendNet, and many others.
We will work with our clients to help design, build, and staff an operations center that is effective for their current purposes and designed for the future. We will also help train the incoming staff now and in the future.
Next Generation SOC
There are many organizations that have a Command Center, and a Network Operations Center, and a Security Operations Center, and an Information Security Operations Center, and ... Our solution is to combine them into a single SPOC, with a secondary ROC (Remote Operations Center) that serves multiple purposes: Continuity of Operations Plan, surge support, remote backup, and others.
What the SPOC allows you to do is have a Commander who is in charge of ALL security/law enforcement/legal/physical/... and who can easily task any of the teams, or let the teams select their work and run independently. Each of the Deputies under that Commander will be in charge of their own area, be it OSINT, or Forensics, or HUMINT, or other.
An example of something this would allow that you likely do not have at this time is the following scenario: Law enforcement captures a laptop that was placed with a bomb. Whose laptop is it? Well, in our scenario, your forensics guys from law enforcement call in forensics guys from the SOC, and OSINT guys from their division, and go through the wireless access points that the machine was connected to in order to determine patterns of behavior, and trace it back to some profile, or group, or a specific person. Then, if needed, you call in the HUMINT guys to take that information and find the specific person. All of this happens in real time because they are all in the same building, if not on the same floor, if not in the same office. Things like this make dramatic improvements in response time, and in getting "left of boom".
As for cost savings, you could have people cross-pollinate and do more than one job. This allows you to have 10 CCIE network guys working in the SPOC instead of 8 in the NOC, 8 in the SOC, 4 in the ISOC, etc. AND that ONE absolute genius expert that you were able to find can help out ALL groups instead of just the single office that s/he works in.
One of the problems that we have found with the current way things are done is that there are too many silos: too many groups working in isolation. This problem is not unique to the US/Canadian Government, or Commercial, or foreign governments. Whether it is due to a need for separation because of classification of work, or because of legal/regulatory requirements, or other, almost all organizations work in this manner.
Our approach is to put the various silos under one roof, working on joint problems, with a guy at the top who has the trust to break through those barriers and encourage the groups to work together, but who also has the authority to remove or fire those who do not participate fully.
THE ONE MAIN CONCEPT THAT WE WOULD LIKE TO GET OTHERS TO UNDERSTAND IS THAT THERE ARE FOUR PREDATOR/PREY MODELS IN THE SECURITY WORLD, AND THEY ARE AS FOLLOWS:
The idea here is that we apply standard, tried-and-true HUMINT principles to the internet world. Our team has experience in developing SOCs, TOCs, NOCs, etc. We do everything from the design and architecture to staffing and teaching. We do not, however, have a canned solution. We need to work with our clients and customers to help them craft the solution that will be the best fit for them, as well as how to transition from the current state to the end state with as little disruption to staff and operations as possible.
Our team consists of a collection of some of the best minds in the world. These are not Ph.D. researchers but people who have done these exact tasks in the real world with large multinational corporations and large government agencies. All of the design features in our SPOC have come out of the experiences of one or more individuals and have been vetted by the rest of the group as being valid. There is nothing in our designs that "should work in theory"; it has all been proven to work in practice.