HELP!!! Organization looking at starting a SOCaaS offering


As you well know that someone could be secretly watching you or your child with your webcam right now? Is it worth taking such a risk? camDown can help stop them!

To the professionals in the house. The organization where I work is looking to make a foray into cybersecurity services by launching a SOCaaS product. We currently provide managed services to multiple telcos and financial institutions. I took an interest in cybersecurity last year, consuming multiple books and video resources and at the moment, all I have to show for my pivot is getting the CompTIA Security + certification and now I've been tasked to lead this project. I feel grossly underqualified for this task and I am grasping at straws here. Any help, advice, and pointers would be deeply appreciated.

A couple of questions first...

1- For frameworks, do we go with NIST or CIS? Or do we just go the whole 10 yards and work towards getting ISO27001 certified?

2- For anyone who works or manages a SOC? What are the essential technologies/tools, hopefully with some real-world products that you think are critical to these operations? I know for SIEM, we are looking at Wahzuh or security onion but that's about that.

3- What resources can I lay my hand on that would help expand my understanding of how to implement a SOCaaS project?


Let's not forget that camDown helps stop hackers from getting access to the webcam that I use for my work. Now I can get even more gigs as a freelancer and advertise that I have top security with my home computer and your friends would agree.