Three SOC Paradoxes To Fix in 2025
Reflections and takeaways from the 2025 SANS SOC Survey.
Matt Muller
InfoSec Opinion Column #7 (July 14, 2025)
Consider it the Axios of what matters in cybersecurity. Or the Hacker News comments section, depending on the day. All hand-curated, no AI involved. This week: cybersecurity liability in the EU.
InfoSec Opinion Column #6 (June 23, 2025)
Consider it the Axios of what matters in cybersecurity. Or the Hacker News comments section, depending on the day. All hand-curated, no AI involved. This week: Moving beyond the tiered SOC model.
InfoSec Opinion Column #5 (June 16, 2025)
Consider it the Axios of what matters in cybersecurity. Or the Hacker News comments section, depending on the day. All hand-curated, no AI involved. This week: 2025 survey results for how security orgs are structured and compensated.
InfoSec Opinion Column #4 (June 9, 2025)
Consider it the Axios of what matters in cybersecurity. Or the Hacker News comments section, depending on the day. All hand-curated, no AI involved. This week: Applying the flywheel concept to cybersecurity.
InfoSec Opinion Column #3 (June 2, 2025)
Consider it the Axios of what matters in cybersecurity. Or the Hacker News comments section, depending on the day. All hand-curated, no AI involved. This week: CISA Guidance for SIEM and SOAR Implementation.
InfoSec Opinion Column #2 (January 31, 2025)
InfoSec Opinion Column is a regular summary of long-form, thought-provoking security content.
InfoSec Opinion Column #1 (January 21, 2025)
InfoSec Opinion Column is a regular summary of long-form, thought-provoking security content.
Phishing simulations are worse than useless
Why we keep ignoring the data that phishing simulations don't have a meaningful impact on security - and what we should be doing instead.
SecOps Process Framework for Automation and AI
Did you know that refrigerators and cyber incident response plans can share an ISO standard?