The * umBlog - worth knowing from the world of data and insights into our unbelievable company.

Should you build your own SOC or use one as a service?

How do you find the right #SOC provider for your company?

You’ve done your homework and decided your company needs an Security Operations Center (SOC) to keep yourself protected and your customers’ data secure. You have a few options available: should you build your own SOC or find a provider for SOC as a service? 

The benefit of having your own SOC is having your own SOC. Depending upon your needs you might need one, but there are quite a few challenges here.

Big money for rare security talent

Good security people are hard to find and aren’t cheap. You’ll need to hire quite a few rare and expensive specialists if you want true 24/7/365 coverage, so be prepared for a long recruitment process. You will have high upfront capital costs of starting a new department in your company, and you will also need to worry about the running expenses. The overwhelming majority of corporations think it isn’t realistic to build their own SOC due to the costs.

Additionally, your own SOC will only handle incidents at your own company. Most likely this will not happen very often, so your experts will get rusty over time. A provider of SOC as a service will have a plethora of clients so will see what is happening in the threat landscape before it reaches you.

The corporate landscape is always changing, with mergers, acquisitions, strategic business decisions and the like. If your corporation makes a major change, your own SOC will need to change as well. Scaling up your SOC as your corporation changes is a painful and time-consuming process, which is another disadvantage.

Efficiency of SOC as a service

Going to an SOC provider like Basefarm/Unbelievable Machine means you are going to a professional who has already invested in the necessary staff, equipment and tools. They will have many other clients, so you get the benefit of their experience. Most likely they will also be heavily involved in the security industry, being members of various associations where they can hone their skills and pass along the latest knowledge. SOC as a service is probably also going to be much cheaper.

Building your own SOC vs. contracting SOC as a service will come down to your company’s individual needs. It is quite possible that creating your own is the best option for you, but hiring an expert SOC provider makes more sense for the majority of firms. You get the skills, experience, industry contacts, continuous learning and efficiency at a lower cost, which is a pretty easy business case to make.

Fredrik Svantes (Basefarm)Read more about our SOC services here.

About the author: Fredrik Svantes is Senior Information Security Manager and Head of the Basefarm Security Operations department.

This might interest you, too:
What is a Security Operation Center and why do you need it?
How do you find the right SOC provider for your company?

Social Media

Latest Blog Posts


The unbelievable Machine
Company GmbH
Grolmanstr. 40
D-10623 Berlin

+49-30-889 26 56-0 +49-30-889 26 56-11

Free Whitepaper

"Hadoop 2: How to realize big data projects successfully" (German version)

To Whitepaper Download

Working at *um:

Go to the Career Page