DESIGNING SOC MATURITY IMPROVEMENT STRATEGIES BASED ON SOC-CMM EVALUATION AND NIST CSF ALIGNMENT: A PT XYZ CASE STUDY

Abstract

With the growing complexity of cyber threats, the role of the Security Operations Center (SOC) has become increasingly critical in ensuring the protection of enterprise information assets. Despite this importance, many SOCs still encounter challenges such as fragmented processes, lack of resource integration, and insufficient alignment with business strategies. This research explores the current state of SOC maturity at PT XYZ and proposes tailored improvement strategies by leveraging two well-established frameworks: the Security Operations Center Capability Maturity Model (SOC-CMM) and the updated version of the NIST Cybersecurity Framework (CSF 2.0). The study adopts a qualitative approach, involving an in-depth review of internal documents, guided interviews with stakeholders, and feedback sessions to validate the findings. Each domain defined by the SOC-CMM—Business, People, Process, Technology, and Services—was assessed using the Maturity Indicator Level (MIL) criteria. The results were then linked to the five functional pillars of the NIST CSF: Identify, Protect, Detect, Respond, and Recover, enabling a risk-oriented interpretation of the organization’s security posture. The analysis reveals that the SOC is positioned between the early and developing stages of maturity, particularly needing improvement in procedural consistency, staff capabilities, and service cohesion. Based on this assessment, the study presents a set of actionable, phased recommendations designed to enhance the SOC’s performance and strategic value. These insights offer a replicable framework for organizations aiming to strengthen their cybersecurity operations through globally recognized best practices.
