Challenges towards Building an effective Cyber Security Operations Centre

02/08/2022
by Cyril Onwubiko, et al.

The increasing dependency of modern society on IT systems and infrastructures for essential services (e.g. internet banking, vehicular networks, health-IT, etc.), coupled with the growing number of cyber incidents and security vulnerabilities, has made the Cyber Security Operations Centre (CSOC) undoubtedly vital. As such, security operations monitoring is now an integral part of most business operations. SOCs (used interchangeably with CSOCs) are responsible for continuously and protectively monitoring business services, IT systems and infrastructures to identify vulnerabilities, detect cyber-attacks, security breaches and policy violations, and respond to cyber incidents swiftly. They must also ensure that security events and alerts are triaged and analysed, while coordinating and managing cyber incidents to resolution. Because SOCs are vital, it is also necessary that SOCs are effective. Unfortunately, the effectiveness of SOCs is a widespread concern and a focus of boundless debate. In this paper, we identify and discuss some of the pertinent challenges to building an effective SOC. We investigate some of the factors contributing to the inefficiencies in SOCs and explain some of the challenges they face. Further, we provide and prioritise recommendations for addressing the identified issues.


