This talk explains how DICTU built a Cyber Defense Center (CDC), basically a next-generation SOC, combining proactive, threat intel-driven defense and offensive capabilities. We will explain this using a medievil theme, so that you can follow along regardless of your background and technical level of expertise. It covers the motivation for building a CDC, its services, business value, and organizational design. The session describes the transition from a traditional SOC to a CDC and the frameworks used in achieving this, such as the SOC-CMM framework and the Joint-SOC Best Practice. The SOC-CMM framework is divided into the following five axles: Business, People, Process, Technology & Services, which we have incorporated in our comprehensive blueprint for the CDC. Finally, also a section about collaboration with different partners within the Dutch government. In the end we would like to motivate you to also build your own CDC.
