The SOC-CMM is an free model and tool to measure capability and maturity in Security Operations Centers (SOCs). Since its original release in 2016, it has become a defacto open standard for SOC maturity measurement. The SOC-CMM allows SOCs to gain insight into their strengths and weaknesses across 5 domains and use this information to strengthen their cyber defenses and demonstrate growth. In this presentation, Rob, the author of the SOC-CMM, will explain the SOC-CMM model and the accompanying assessment tool and how to practically apply it to SOCs. Additionally, the usage of the SOC-CMM for purposes of target operating modelling and defining a strategic direction for the SOC is explained.

ABOUT THE SPEAKER

Rob van Os, MSc. is a strategic SOC advisor, who has over a decade of practical experience in security operations. Rob has held several positions in SOCs, from analyst to engineer, from incident responder to SOC manager. Currently, Rob helps SOCs address their strategic challenges, from SOC modernisation and transformation to defining and achieving strategic direction.

Rob has obtained a Bachelor’s degree in Computer Science from Amsterdam University of Applied Sciences in 2009 and a Master’s degree in Information Security from Luleå University of Technology in 2016. Additionally, Rob holds several industry certifications, including CEH and CISSP-ISSAP. Rob is the founder of SOC-CMM and Argos Cyber Security Assessment, helping cyber defence teams achieve their growth and maturity goals. He is also a trainer for Security Academy and SECO Institute.