Cyber security operations centre: Security monitoring for protecting business and supporting cyber defense strategy

Submitted by grigby1 on Tue, 03/07/2017 - 1:37pm

Title	Cyber security operations centre: Security monitoring for protecting business and supporting cyber defense strategy
Publication Type	Conference Paper
Year of Publication	2015
Authors	Onwubiko, C.
Conference Name	2015 International Conference on Cyber Situational Awareness, Data Analytics and Assessment (CyberSA)
Date Published	jun
Keywords	Analysis, Business, business control, business protection, Computer crime, Correlation, CSOC, CSOC Benefits & Challenges, CSOC framework, CSOC Strategy, cyber defense strategy support, Cyber Incident Response, cyber security operations centre, cyber situational awareness, CyberSA, government data processing, Her Majestys Government, HMG protective monitoring controls, ICT systems, information and communications technology, Log Source, Monitoring, pubcrawl170109, risk management, security monitoring, security of data, SoC, system-on-chip, Timing
Abstract	Cyber security operations centre (CSOC) is an essential business control aimed to protect ICT systems and support an organisation's Cyber Defense Strategy. Its overarching purpose is to ensure that incidents are identified and managed to resolution swiftly, and to maintain safe & secure business operations and services for the organisation. A CSOC framework is proposed comprising Log Collection, Analysis, Incident Response, Reporting, Personnel and Continuous Monitoring. Further, a Cyber Defense Strategy, supported by the CSOC framework, is discussed. Overlaid atop the strategy is the well-known Her Majesty's Government (HMG) Protective Monitoring Controls (PMCs). Finally, the difficulty and benefits of operating a CSOC are explained.
URL	http://ieeexplore.ieee.org/document/7166125/
DOI	10.1109/CyberSA.2015.7166125
Citation Key	onwubiko_cyber_2015

Groups:

Science of Security VO