Business Continuity Management / Disaster Recovery , Governance & Risk Management , IT Risk Management

CyberEd Board Profiles in Leadership: Elrich Engel, AMP

What to Insource and Outsource Depends on Core Competencies
Elrich Engel, CISO and director of data and architecture and CyberEdBoard Executive Member

What security functions should be kept in house, and which ones should be outsourced?

See Also: Live Webinar | How To Meet Your Zero Trust Goals Through Advanced Endpoint Strategies

The sands are shifting: the days of a fully in-house security operations center are probably gone now, says Elrich Engel, CISO and director of data and architecture at AMP, an Australian financial services company.

Engel says analysts aren't just monitoring and analyzing events from antimalware and firewalls, but myriad components that wouldn't make sense to completely insource. An organization needs to figure out what their core competencies are, which can help in developing their own hybrid model.

The capabilities and telemetry required to run a modern or next-generation SOC, including the likes of threat intelligence, threat hunting and in some cases also commercial threat feeds are all now widely considered core components of a SOC - all lends itself to a hybrid model," Engel says.

In this video interview with Information Security Media Group as part of CyberEdBoard's ongoing Profiles in Leadership series, Engel discusses:

  • How the SOC is evolving with respect to insourcing and outsourcing;
  • How hybrid models of delivering security are extending even to the endpoint;
  • What organizations should consider when designing breach attack simulations .

Engel is CISO and director of data and architecture at AMP. He previously was the CISO for Vodafone Australia.

CyberEdBoard is the premier members-only community of executives and thought leaders in the fields of security and IT. Membership in Information Security Media Group’s CyberEdBoard provides executives with a powerful peer-driven collaborative ecosystem and library of resources to address complex challenges shared by CISOs and senior security leaders worldwide. Executive members use the CyberEdBoard engagement platform to further enhance their professional brands, create and exchange member-exclusive resources, obtain accredited education and content, contribute in the executive mentor marketplace and seamlessly connect with senior security peers and experts around the world.

Join the Community. The CyberEdBoard global community is accepting applications from qualified CISOs and senior security stakeholders. To submit your application for membership consideration, visit today.

Apply for membership

About the Author

Jeremy Kirk

Jeremy Kirk

Executive Editor, Security and Technology, ISMG

Kirk was executive editor for security and technology for Information Security Media Group. Reporting from Sydney, Australia, created "The Ransomware Files" podcast, which tells the harrowing stories of IT pros who have fought back against ransomware.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.