Case study

SOC Service Improvement Plan

Assessment & Baseline

- Gap Analysis: Key Device Coverage and asset mapping

- Metrics Collection: MTTR and MTTD

People

- Training & Upskilling: Regular red-team/blue-team exercises, MITRE ATT&CK mapping workshops.

- R&R:Define Tier 1 (triage), Tier 2 (investigation), Tier 3 (threat hunting)

Process

- SOP

- Incident Management

- Sync-up with information/GRC team

Technology

- SIEM

- SOAR

- Threat Intelligence

Governance & Compliance

- Regulatory Framework Alignment: ISO, Local regulations of country and Industry

- Audit Readiness: Ensure logs, evidence, and incident reports meet compliance standards.

- KPIs & Reporting: Monthly dashboards for executives (risk reduction, SLA adherence).