Two More Days to Get a $400 Amazon Gift Card with qualifying OnDemand course purchase! Don't Miss Out!


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

Live from the Security Operations Summit: Rethinking the SOC for Long-Term Success & 2019 SANS SOC Survey Preview

  • Monday, June 24, 2019 at 4:00 PM EST (2019-06-24 20:00:00 UTC)
  • John Hubbard, Chris Crowley

You can now attend the webcast using your mobile device!




Virtuous Cycles: Rethinking the SOC for Long-Term Success

Many Security Operations Centers (SOCs) have a burnout problem that leads to negativity and constant turnover. With the increasing cybersecurity talent shortage, keeping the people we have will only become increasingly important. The problem is that "Tier 1" and other SOC roles seem destined to burn people out. So what do we do? While the field of psychology understands the factors that cause burnout, many SOCs do not take the time to do the research and create an environment to fight it. Through meticulously defined process and tiering may be the norm, does it lead to sacrificing quality in the long term? Using science-backed research on intrinsic motivation and studies on SOC burnout factors, this talk will make the case that it's time to reconsider how we structure SOCs in order to create long-term success that benefits both the individual and the organization.

John Hubbard, Author and Certified Instructor, SANS Institute

2019 SANS SOC Survey Preview: Live Simulcast

The 2019 SANS SOC Survey will be released in early July. Join Chris Crowley live or via simulcast for a discussion of what's new in this year's survey, and a sneak peek into topics and responses from this year's results. He will talk about the detailed interviews included this year, and highlight the methodology used to develop the results that many organizations use to direct SOC activities for the following year.

If you can't attend the 2019 SANS Security Operations Summit in New Orleans, attend the simulcast!

Chris Crowley, Summit Chair and Principal Instructor, SANS Institute

Speaker Bios

Chris Crowley

Christopher Crowley is the course author for SANS Management 517 - Managing Security Operations and SANS Management 535 - Incident Response Team Management. Chris holds several industry certifications including the GSEC, GCIA, GCIH (gold), GCFA, GPEN, GMOB, GASF, GREM, GXPN, and CISSP. His teaching experience includes FOR585, MGT517, MGT535, SEC401, SEC503, SEC504, SEC560, SEC575, and SEC580; Apache web server administration and configuration; and shell programming. He was awarded the SANS 2009 Local Mentor of the year award. "The Mentor of the Year Award is given to SANS Mentors who excel in leading SANS Mentor Training classes in their local communities." Mr. Crowley spends his spare time mountain biking, rock climbing and savoring epicurean treats.

John Hubbard

John is a dedicated blue-teamer and is driven to help develop defensive talent around the world. Through his years of experience as the SOC Lead for GlaxoSmithKline, he has real-world, first-hand knowledge of what it takes to defend an organization against advanced cyber-attacks and is eager to share these lessons with his students. As a SANS Cyber Defense curriculum instructor and course author of SEC455, John specializes in threat hunting, network security monitoring, SIEM design and optimization, and constructing defensive postures that allow organizations to protect their most sensitive data. Throughout class, he works with students to explain difficult concepts in relatable and clear language, illustrates important ideas with stories and demonstrations, and encourages students to push themselves beyond the limit of what they thought possible.

John holds an undergrad degree is in Electrical Engineering from Purdue and a masters degree in Computer Engineering, focusing on information security, from SUNY Binghamton. His past research spans from malware reverse-engineering to car hacking, mobile app security, and IoT devices. In his free time, John enjoys catching every infosec conference he can attend, FPV drone racing, coffee roasting, and slowly turning his home into a data center. He can be found on LinkedIn and on Twitter @SecHubb.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.