MKG Marketing MKG Marketing Logo Quotation Marks
Podcasts > What's the Problem

Security Operation Center (SOC) Analysts = Puzzle Makers

Mike Krass • Wednesday, August 10, 2022 • 12 minutes to listen

Subscribe to the Podcast or listen on...

Spotify Anchor

Join our weekly newsletter

We care about the protection of your data. Read our Privacy Policy.

Transcript

Opening

Hello everybody, and welcome to What's the problem, the podcast that explores problems, issues, scenarios, and more that folks in the world of cyber security face today.

Today, we are fortunate to have Menekse Saglam joining us.

Conversation

Mike Krass: Saglam, say hello to our listeners.

Menekse Saglam: Hello, everyone. It’s great to be here. Hi, Mike. Thank you for having me on your podcast. I am honored to join in this important conversation with you and your listeners.

Mike Krass: Absolutely, we're honored that you took the time. We're grateful you took time out of your day to join us. And our listeners were an impatient bunch, and they were ready to get right into it. Can you tell our listeners why you are qualified to talk about cybersecurity based on what you do for a living?

Menekse Saglam: Yes, sure. Why am I qualified to discuss security? I am new in this field, and it has been only seven months in cybersecurity. Before discussing security, it's relevant to discuss how I decided to switch my career from education to cybersecurity. I was a teacher, and I loved my job. I was always satisfied with working with the kids, guiding them in the right way, and supporting them in their decisions. It was a true gift to see their progress. I assume your listeners do, too.

As teachers, we primarily focus on ensuring a safe future by educating kids so they have the necessary knowledge and confidence to enter the real world. And in this century, the real world isn't the physical. It is online. I started to ask myself, are we preparing our children to face online birth? Not only for children but also for adults. Does our system keep up with the constant changes in our society? Include the technological ones. The answer felt no. I knew I had to make it a priority for myself to protect people and guide them. It should be in the cybersecurity field.

Mike Krass: Thank you for sharing that. Thank you for coming from a world of education, and being a teacher is incredibly important even though you're in the world of cybersecurity. Do you want to say thank you for being a teacher?

Menekse Saglam: Thank you. It's a pleasure. And thank you.

Mike Krass: Let's get to the second question here. Tell us about a problem in the world of cybersecurity.

Menekse Saglam: The problem in cybersecurity is the biggest problem that security buyers and practitioners face today. Just before that question, I would like to mention the SOC environment. The SOC environment is before that, but now that I'm in the field, I forget people don't know what SOC stands for. It stands for Security Operation Center, and this might sound like a dictionary definition, but it is important to understand the function of the Cyber Security Operations Center to monitor, prevent, detect, investigate and respond to cyber threats outside the clock. SOC teams monitor and protect the organization's assets, including intellectual property, personal data, business system, and parent integrity.

Basic data SOC has three main legs, process, policy, technology, and human. Let me explain it this way. We can handle the writing policy for all our organizations and the environment. We can detect what process is normal and what is not. We can put the rules. Technology is growing very fast. We have great tools which make it accessible and visible and provide many functions in cybersecurity. But the last one and the most important one is the human factors. It answers the question of the biggest problem that security buyers and practitioners face today. The demand for skilled cyber security professionals is growing faster than the rate at which people are gaining the necessary skills.

Cybersecurity jobs are not limited to the tech sectors. Every industry now needs skilled cybersecurity professionals to protect the network's data and online transactions. IT managers are trying to find analysts who emphasize qualified, but unfortunately, they often hire people without enough experience and education in this field. It's immediately impactful. These people are in the fight with real-world issues coming at them. It's not professional and not feared, or not long-term storage. It emphasizes how important learning in an actual SOC environment is.

As I said before, I work in CyberNow Labs, a SOC training environment whose mission covers this huge talent gap. How do CNLs cover this huge talent gap? Educating yourself and the people by providing tools and attacks in real environments. We create to become immediately useful employers with real experience. People are having intensive training and getting qualified to work as an expert in cybersecurity analysts thrown. When I say cybersecurity analyst role, I hear many confusing titles and job descriptions.

Staying one step ahead of cybercriminals streetcars teams of experts with different secures and knowledge bases. We need to include many different types of people in the SOC. The SOC environment always reminds me of making a big person, completing a puzzle, your unit old pieces, and working collaboratively and wisely. As cybersecurity analysts in the SOC environment, we are puzzle makers and solvers. It is so fun. Can you imagine having fun at work, Mike? You probably do, Mike, because you are interviewing different people in the field.

Mike Krass: I love that. I'm here to sign up. Where do I have fun at work? Where do I do that?

Menekse Saglam: When you complete the puzzle and see the big picture, it's beyond the worst, so much fun. We do the statistic research in the CNS-type environment, and people find jobs in great companies, and the companies we never even considered we could work for. That's what the cybersecurity field needs. It is always easy to mess up a completed puzzle. But it is difficult to put the pieces together and finish the puzzle. It always reminds me of the code from Benjamin Franklin, “Tell Me and I Forget; Teach Me and I May Remember; Involve Me and I Learn” If you like to get involved in the real SOC environment, it will be the right choice for you. I think CNLs and how they go about the mission in this field and what a difference they are making in cybersecurity.

Mike Krass: Thank you very much for sharing, defining the SOC environment, and getting into that analogy of being a puzzle maker. I've got this visual of all the puzzle pieces floating around. I appreciate you bringing that example to life. And as we move to the final question of this episode, let's finish with a little bit of fun like we normally do the next day. Tell us about a terrible haircut you've had at some point.

Menekse Saglam: Oh, terrible cut. As a woman, this story is probably like me now. So let me share one of my main memory about the terrible haircut. When I was eight, my dad took me to the men's barber to cut my hair. He left me at the barbershop, and of course, I had a very short haircut that made me look like a boy. After I was done, I looked for my dad, and one guy asked me, “Hey, boy, who are you looking for?”

Mike Krass: Oh no!

Menekse Saglam: Can you imagine me at school? All my classmates called me a singer's name, who was a man in Turkey when I was born. His name is Berr Pakistan. He was popular at the time and had the same haircut as me. I started singing his song and making the joke about my head being caught as well. It’s just the humor of sense.

Mike Krass: Thank you, not just for sharing this information about the SOC environment, but also, you got into some Turkish pop culture and some bad haircut stories. I appreciate you being vulnerable and punching, putting yourself out there. As they say, and as we wrap up this episode, we always want to extend the opportunity to our listeners for them to reach out to either you or the company that you work for. Could you just let the listeners know the best way to get in touch with you or any of your colleagues in case they want to talk to your company?

Menekse Saglam: I had a LinkedIn account, and my company is CyberNow Labs. I can provide the links and information.

Mike Krass: We'll have those those links in the show notes. It'll be very easy for folks to reach out to either you or CyberNow Labs and talk to them about anything they might need in terms of questions about outsourcing their security operation center or anything in the world of security. And to our listeners, thank you for tuning in to this episode of What's the Problem, the podcast that explores problems, issues, scenarios, and overall happenings in cybersecurity.

Menekse Saglam: Of course, thank you for having me. It was a pleasure for me.

Menekse Saglam

Menekse Saglam is the Security Operations Analyst at CyberNow Labs. Menekse is an information security professional and a self-motivated professional with strong technical, analytical, and interpersonal skills.

Join our weekly newsletter

Get industry news, articles, and tips-and-tricks straight from our experts.

We care about the protection of your data. Read our Privacy Policy.