Joe Lykowski: Building a Transparent, Data-Driven SOC

In this episode we speak with Joe Lykowski - Cyber Defense Lead at a major manufacturing company on what it takes to build a mature, transparent, and effective SOC. Joe brings years of experience to the table in running a large organization’s security team and in this interview he draws out some of his favorite tips, strategies and more on metrics, building the right team, and what to prioritize as you build up a SOC for an org of any size.  Our Guest - Joe LykowskiA graduate of Western Michigan University, Joe has 19 years of professional IT experience ranging from academia, industrial control systems and manufacturing IT, mobile device service management, telepresence services, endpoint protection, and cyber security operations. His current role focused on leading a global team of cyber defenders with the core goal of protecting Dow from the growing cybersecurity threats.Follow Joe on Twitter: @JosephLykowskiSponsor's Note:Support for the Blueprint podcast comes from the SANS Institute.If you like the topics covered in this podcast and would like to learn more about blue team fundamentals such as host and network data collection, threat detection, alert triage, incident management, threat intelligence, and more, check out my new course SEC450: Blue Team Fundamentals.This course is designed to bring attendees the information that every SOC analyst and blue team member needs to know to hit the ground running, including 15 labs that get you hands on with tools for threat intel, SIEM, incident management, automation and much more, this course has everything you need to launch your blue team career.Check out the details at sansurl.com/450  Hope to see you in class!Follow SANS Cyber Defense: Twitter | LinkedIn | YouTubeFollow John Hubbard: Twitter | LinkedInLearn more about SANS' SOC courses at sans.org/soc