Operators of SOCs must also be discriminating in the amount and types of data collected. The following PowerPoint, derived from the Zimmerman manual (2014), can be used to train staff on key data collection design criteria.
_________________________________
References:
Zimmerman, C. (2014). Ten Strategies of a World-Class Cybersecurity Operations Center. The MITRE Corporation.