To protect their vital information assets better and be more responsive to business requirements, companies have shifted security programs to gain better visibility into what happens in their environments. As a result, security teams have to gather data from an increasing number of sources and must provide more comprehensive analysis and response for the issues they encounter. This means that many organizations are formalizing their approach to security operations and creating security operations centers (SOC). To ensure success in this arena, careful people management and process re-engineering take priority over technology and tools.