
Is Remote SecOps a Good Long-Term Plan?

By Chris Triolo
May 19, 2020

The COVID-19 pandemic has challenged and stretched organizations, which have been forced to become remote workplaces, sometimes overnight. Some employees relish the opportunity to work from home, some do not, and managers are learning how to manage all of them from afar. As remote work gains steam, due largely to collaboration technologies like Slack and Zoom, futurists predict a post-pandemic world in which many employees expect to retain the work-from-home option.

Those who work in SecOps are no exception. Employees and industry analysts alike are making the case for remote SecOps. However, the long-term feasibility of this option is up for debate. Organizations actually stand to gain greater success using a combination of traditional SecOps and the appropriate use of automation.

 

Pitfalls of the Remote SOC

For SecOps teams, working remotely is difficult. It can be done during a time of crisis, and many organizations have implemented this tactic out of sheer necessity. They continue to function in this strange time, but incident response is by its nature a collaborative process. Working in isolation is by no means ideal.

This is particularly true for new security analysts. They will most likely find remote work difficult; SOC analysis is not a job one learns individually. In most cases, new analysts learn by working with more senior analysts, in the SOC, side by side. Those who aren’t in the trenches underestimate the amount of guidance new security analysts need. It’s also harder for any analyst to troubleshoot alone. It’s much easier and faster when the person you need to help or need help from is in the same building.

When organizations are suddenly thrust into a remote work protocol, it can prove challenging to support workers with all the equipment and access they need. This is particularly true for security analysts. Will they be able to see the SOC console where alerts are processed and viewed? Will they have access to incident response ticketing systems, shift turnover logs, investigation notes and other required information and tools?

 

Business Continuity Through Automation

Automation plays a pivotal role in sustaining security operations during crisis situations. It can reduce an organization’s reliance on the usual number of personnel by taking over many redundant tasks. If an organization needs to limit its manpower – such as during times when members of the SOC team cannot work, whether for health or other reasons – it needs to increase its investment in automation. Cloud migration is also helpful in this scenario, since the use of SaaS and IaaS solutions has reduced the need for employees to be physically present in the workplace – in this case, in the data center.

Inherent human limitations continue to be the primary bottleneck in SecOps. No matter how highly skilled and intelligent SOC analysts are, they will never be able to get better or faster at monitoring the massive quantities of security log data that an organization’s sensors produce today. Automation is a valuable tool that addresses this disconnect. 

Most of today’s SOCs are constructed based on formally structured, regular and repeatable operational processes. This means they are already set up to be highly responsive to automation. SOC teams can automate tasks that go far beyond the capabilities of the human mind, such as correlating an IP address associated with an alert with a sequence of events that took place on another part of the network in the past.

SOC automation is practical from a staffing perspective, but it has the added benefit of ensuring that team members can turn their skilled attention to more fulfilling and interesting activities than console monitoring, such as threat hunting. If automation can analyze and triage security data better than humans can, then leave it to automation. In this way, automation decreases the chance of errors and of the burnout that leads to employee turnover. And this ultimately helps your organization stay resilient, even during times of crisis.

 

Remote Communications for Your SOC Employees 

Because remote SecOps is sometimes necessary, so is a strong remote communications plan. This includes:

  • Ensuring the set-up of appropriate, necessary notifications for the appropriate team members. 
  • Verifying that contact information for all team members – including both work and personal phone numbers and email addresses – is up to date.
  • Creating an FAQ document to direct employees to the appropriate contact for the different subjects/topics that arise.

Scheduling is also an important consideration. Shifts need to be planned with both primary and back-up staff. The whole SOC team should know not only their own role but also the availability of everyone else on the team. Publish staff schedules in a way that everyone can access, and make sure that shifts and turnover policies are communicated clearly.

 

Short-Term Remote, Long-Term Automation

The pandemic is a particularly extreme example of the uncertainties of life. Business continuity requires innovation and agility, particularly for critical areas of business like SecOps that can’t afford to miss a beat. Organizations have the cloud-based tools available to weather this storm from a safe distance, but once the stay-at-home order lifts, is SecOps one of the functions that should remain remote?

Automation is a necessary aspect of an agile business continuity plan, but seeing its successful use during times of crisis as a go-ahead order for long-term remote work is the wrong conclusion. SecOps is a team pursuit that requires live, fast interaction, which means it is better suited to on-site roles. Fortunately, though, automation is available to help for those few times when that’s not possible and for all other times to improve the organization’s security posture.

KEYWORDS: automation COVID-19 remote work Security Operations Center (SOC)


Chris Triolo is vice president of customer success at Respond Software. Chris’ security expertise includes building world-class Professional Services organizations as VP of Professional Services at ForeScout and global VP of Professional Services and Support for HP Software Enterprise Security Products (ESP). Chris’ depth in Security Operations and leadership includes a long tenure at Northrop Grumman TASC supporting various Department of Defense and government customers including Air Force Space Command (AFSPC) Space Warfare Center, United States Space Command (USSPACECOM) Computer Network Attack and Defense, Air Force Information Warfare Center (AFIWC), and others.
