
A security operations center (SOC) provides a business with centralized security management, including continuous monitoring, intrusion detection, analysis of potentially malicious activity and response to cybersecurity incidents. The challenge for many small and medium-sized businesses (SMBs), however, is finding skilled resources and implementing effective tools to protect their IT environments. SOC as a Service (SOCaaS) meets this need.
SOCaaS provides businesses with a SOC managed service, covering security solution implementation, 24/7 monitoring, documentation and incident response. Zack Schwartz, Vice President, Strategic Partnerships at Trustifi, describes the demand for these services as “moderate but steady.”
The SOCaaS Demand from SMBs and Other Businesses
Schwartz says, “We primarily see the small enterprise space taking advantage of Security as a Service overall, including SOCaaS. At this level, companies have a large number of employees and endpoints, but often don’t maintain enough in-house IT resources to tackle a full-fledged security operations environment on their own.”
He comments, however, that more companies are exploring these services, especially since the SolarWinds and Microsoft Exchange breaches. “These cyberattacks have put a huge spotlight on cybersecurity and how vulnerable companies really are to a cyberattack,” says Schwartz. “No company is invulnerable to attack. Layered, comprehensive protection is a must-have.”
“With the increased number of breaches, management teams have been compelled to double down on the funding and resources allocated to IT,” Schwartz adds. “We’re at a point where if managed services providers (MSPs) are not delivering comprehensive security management, then they won’t remain in business very long.”
SOCaaS as a Part of the Post-Pandemic Strategy
New business models and remote work during the pandemic have also driven the SOCaaS demand. “With more employees working from home, the new hybrid workplace has introduced greater opportunities for malicious actors to target these environments,” Schwartz explains.
He points out that numerous home networks haven’t been configured with the same security standards as the employee’s office environment. The threat was greatest during the beginning of the pandemic when companies made a rapid transition to the work-from-home model. “The increase in cyberattacks on home infrastructures during this period underscored the need to fortify security, and a cloud-based management model was one of the best ways to accomplish that during shut-downs,” Schwartz says.
SOCaaS providers had to adapt along with their clients. “They have had to pivot to the new normal of connecting a large number of potentially unsecured endpoints to the network, all while mitigating false positives and supplying actionable intelligence to the field,” he says.
SOCaaS providers have also had to adapt to increasing cyberattack activity. “Many businesses have invested heavily in security monitoring and management in the cloud, yet they are inundated with alerts and analytics they are challenged to manage in-house. SOCaaS providers are taking up that mantle, leveraging technology to better mitigate the impact of an increase in cyberattacks that accompanied the influx of teleworkers,” he says.
Advice for SOCaaS Providers
According to Schwartz, it’s key for SOCaaS providers to make things as simple as possible for their clients’ executive teams so they can fully understand their points of vulnerability and how to mitigate risk. At the same time, you need to ensure you are providing comprehensive services through your SOCaaS offerings. “For example, a great percentage of breaches comes from business email compromise,” Schwartz explains. “So, features like cloud-based email encryption, and threat mitigation that protects email data, need to be an essential part of the SOCaaS approach.”
He adds that as more SOCaaS vendors enter the market and end users become more aware of the benefits, such as trading CAPEX for OPEX, lessening the burden on in-house IT, and always using an updated version of security solutions in the cloud, you may see an uptick in the number of businesses interested in this service.
Make sure your MSP business is ready to meet the demand.