A Security Operations Center (SOC) is the continuous monitoring of information that enables security professionals and others to see a continuous stream of real-time snapshots of the state of risk to their security, data, the network, endpoints, and even cloud devices and applications.
Related Terms: Security Event and Incident Management (SEIM), Security Operations
Source: NIST CSF Practitioner
What does this mean for SMBs?
SMBs often find Security Operations Centers beyond their financial capacity for the simple reason that it is very expensive to stand up a SOC on your own. Performing the monitoring with eyes-on-glass in near-real-time 24x7x365 requires a large number of employees. That makes the use of a Managed Security Services Provider (MSSP) more palatable for SMBs in highly regulated industries that are obligated to perform this level of incident monitoring, detection, and (hopefully) protection. If you're an SMB that needs a SOC to run something like a Security Event and Incident Monitoring solution, look to outsource to an MSSP.