He has been a leader for Verizon Managed Security Services in the Asia-Pacific region for the past 14 years, and prior to that spent 7 years managing secure internet gateways in Government. Currently he is responsible for the operations of the Verizon APAC Advanced SOC, running 24x7 from the Verizon Canberra offices and working with customers in Australia, Asia-Pacific and across the globe.
Verizon has a proud history of more than 20 years in the local cyber community, helping to protect Enterprise and Government, and Prescott is glad to help continue that heritage. He's helped build and roll out SOC teams onsite in the USA, Germany, Zurich, India and Japan, as well as twice here in Australia. But what he enjoys most is mentoring and building security professionals who have an impact on the wider Australian cyber ecosystem. Prescott has a thirst for learning and is currently completing an MBA (Cyber) and trying to turn himself into a data nerd, and in his spare time enjoys all things Star Wars.
How NOT to run a SOC
View this presentation on the AusCERT YouTube channel.
Technical difficulty: Medium
Three years' worth of digital transformation initiatives have been deployed in the last twelve months, which means that security teams, already working at full capacity, are now bursting at the seams. Security teams have to contend with a multitude of mundane and repetitive tasks. Investigating phishing emails with weaponized attachments, malware being loaded via third parties, scouring the dark web, DDoS attacks, and remediating and responding to attacks are all on that list.
Combine all of these with the market's lack of experienced security analysts, and the hyper-competition for experienced ones, and you understand why Security Operations Centers (SOCs) seem to be fighting burnout as well as adversaries.
To put it simply, if everyday, repetitive tasks can be handled automatically, security analysts can focus on more important investigations and incidents in addition to saving time and resources. A case in point is automation via the use of playbooks: automation can shorten tasks from ten minutes to six seconds!
Bruce Biesecker is responsible for Verizon’s Global Security Operations. He will discuss how resource-scarce security teams are increasingly turning to automation to stay updated, better mitigate and investigate breaches, integrate disparate security systems and ultimately reduce fatigue and burnout.