Operational cybersecurity teams are constantly engaged in a race against time. To keep up with the rapidly evolving threat landscape, an efficient and constantly adapting security operations center, SOC, is essential. This session challenges the oversimplified view of SOC as mere tiered analyst structures and introduces a systemic approach to address their inherent complexity.

Thomas Billaut, head of cyber operations at FORVIA, examines why traditional problem-solving methods often fail in SOC environments and explores four critical areas frequently overlooked:

• Moving beyond symptoms to address root causes rather than implementing quick fixes;
• Connecting expertise silos rather than breaking them;
• Aligning SOC operations with business risk priorities;
• Implementing meaningful measurement frameworks that protect teams from burnout.