TIM-8365

Girling, P. X. (2022, February). Operational Risk Management, 2nd Edition. Wiley.
Read Chapter 5: Culture and Awareness.
This chapter explores the challenges of bringing about a successful culture change that supports an effective operational risk framework. It considers planning, marketing and communication, training, and sponsorship. It explores the challenges of implementing a framework that works effectively in today's digital paradigm and agile approaches. In addition, this chapter investigates the “use test” requirements of operational risk regulation and explores how activities that change the culture can contribute to meeting the required standards.

Muniz, J., Lakhani, A., Santos, O., & Frost, M. (2021, April). The modern security operations center. Addison-Wesley Professional.
Recommended Reading Chapter 8: Threat Hunting and Incident Response.
This chapter looks at how mature SOCs provide incident response services. Responding to an incident includes the entire process of identifying the threat, confirming the threat is real, deciding which playbook to launch, containing and eradicating the threat, recovering from the incident, and following through with post-incident response steps such as hosting a lessons learned session.