DocumentCode :
3277116
Title :
Cyber security operations centre: Security monitoring for protecting business and supporting cyber defense strategy
Author :
Onwubiko, Cyril
Author_Institution :
Intell. & Security Assurance, E-Security Group, London, UK
fYear :
2015
fDate :
8-9 June 2015
Firstpage :
1
Lastpage :
10
Abstract :
Cyber security operations centre (CSOC) is an essential business control aimed to protect ICT systems and support an organisation's Cyber Defense Strategy. Its overarching purpose is to ensure that incidents are identified and managed to resolution swiftly, and to maintain safe & secure business operations and services for the organisation. A CSOC framework is proposed comprising Log Collection, Analysis, Incident Response, Reporting, Personnel and Continuous Monitoring. Further, a Cyber Defense Strategy, supported by the CSOC framework, is discussed. Overlaid atop the strategy is the well-known Her Majesty's Government (HMG) Protective Monitoring Controls (PMCs). Finally, the difficulty and benefits of operating a CSOC are explained.
Keywords :
government data processing; security of data; CSOC framework; HMG protective monitoring controls; Her Majestys Government; ICT systems; business control; business protection; cyber defense strategy support; cyber security operations centre; information and communications technology; security monitoring; Business; Computer crime; Monitoring; System-on-chip; Timing; Analysis; CSOC; CSOC Benefits & Challenges; CSOC Strategy; Correlation; Cyber Incident Response; Cyber Security Operations Centre; Cyber Situational Awareness; CyberSA; Log Source; Risk Management; SOC;
fLanguage :
English
Publisher :
IEEE
Conference_Titel :
Cyber Situational Awareness, Data Analytics and Assessment (CyberSA), 2015 International Conference on
Conference_Location :
London
Type :
conf
DOI :
10.1109/CyberSA.2015.7166125
Filename :
7166125