Security Talk

Have You Chosen the Right Person to Lead Your SOC?

By Diane Ritchey
October 1, 2019

Cybercriminals are increasingly penetrating enterprises through non-technical means, such as social engineering. At the same time, there is a global IT security shortage of nearly three million people, according to the 2018 (ISC)² Cybersecurity Workforce Study, leaving enterprises struggling to find the right talent to safeguard their networks.

There are multiple theories on how to solve the problem, and several programs have popped up in the last few years to attempt to address it.

According to Chris Schueler, SVP of Managed Security Services at Trustwave, enterprises need to consider other options. Yes, IT and cybersecurity degrees are in demand, but we are failing to look at professionals outside of those areas. Enterprises must change their mindsets and begin recruiting talent from non-traditional backgrounds like liberal arts majors, statisticians and private investigators, he suggests.

“There are many backgrounds and alternative skillsets that lend themselves well to cybersecurity, and organizations need to start considering rounding out their cybersecurity teams with people from varied backgrounds,” Schueler says.

Schueler advocates looking at a new type of cybersecurity SOC analyst, one who relies as much on understanding the psychology and science behind a threat as he or she does on technical know-how. The backgrounds he points to include:

  • Law Enforcement/Military/Investigators – These professionals are experienced threat hunters, able to adopt a black hat mindset, build criminal profiles and establish modus operandi. They know how to take practices from their former lives, such as establishing “Proof of Life,” and apply them to ransomware attacks and other digital threats. “Law enforcement and military professionals are incredible; they know how to ‘follow the bread crumbs,’” Schueler says. “They look under each stone and are trained to be comfortable in difficult situations. A SOC environment is a pressure cooker, all the time, and military and law enforcement can stay calm and cool under pressure.”
  • Data Scientists and Statisticians – These professionals know how to parse through vast volumes of organizational data to look for unusual patterns or anomalies that can indicate a breach. They also excel at gauging organizational risk tolerance and determining incident probabilities. “Parsing through data – in a private or public cloud or a SaaS environment – is a new big challenge,” Schueler says. “Sure, machine learning helps, but you still need a math and data background to process all of that.”
  • Liberal Arts – “I like this one the most,” Schueler says. From communications to psychology, philosophy to sociology, individuals trained in liberal arts fields help us understand the human side of the equation and leverage abstract thinking to match the minds of black hats. “These people don’t conform to ‘group think’ easily, and that’s good. Adversaries are unconventional, and liberal arts find variances that may get you to a different result. I see liberal arts professionals as the ones who can understand what the adversary is trying to do; almost becoming a bit of a profiler. If you think in black and white, then you can’t profile. In a SOC, it’s not just one person leading an investigation, and I like the liberal arts professional because you are always guaranteed one person in the pod who won’t conform to group think.”
  • Multicultural Backgrounds – With threats coming from around the world, cybersecurity teams need to include members from a wide variety of geographic and demographic backgrounds who are able to think like black hats and understand their motivations. “I always advocate for having multiple demographics,” Schueler says, “in order to strengthen the overall coverage to offer you different approaches to problems.”

Once you have the “right” person on your SOC team, the next challenge is to keep them, Schueler says. “It’s important that their ‘on position time’ is rotated. Yes, there is a lot of turnover with Tier 1 SOC analysts, but we can help to reduce some of the heavy lifting with automation to help them stay satisfied in their roles. As an industry, we can invest in automation and machine learning to reduce the workload and to provide them with more Tier 2 analyst work. That may be a reason that they stay, or they go. I already see the industry moving towards that direction.”

KEYWORDS: cybercrime cybersecurity Security Operations Center (SOC)


Diane Ritchey is the former Editor, Communications and Content for Security magazine, a role she began in 2009. She has a background in publishing, public relations, content creation and management, and internal and external communications. Within her role at Security, Ritchey organized and executed the annual Security 500 conference, researched and wrote exclusive cover stories, managed social media, and authored the monthly Security Talk column.
