Dalvinder Singh, Senior Consultant, SeMT, Government of Jammu & Kashmir
Security Operations Centres (SOC) enable operators to analyse threats, generate early warnings, prepare intervention programmes and manage crises. Security Operations Centres form the heart of any security infrastructure, where data is fused, events are correlated and warnings are issued. Security entails multiple pillars, such as Information Privacy, Confidentiality, Integrity, Authenticity, Non-Repudiation and Availability. Given the inherent complexity of multiple partners, agencies, registrars and users, and multiple access modes with an unparalleled number of data records, one needs a holistic approach to identifying and addressing security concerns. The security approach emanates from the scope of the entire ecosystem and would directly influence the security landscape for assets and/or information.
Security is critical for this ecosystem; it seeks to manage risks on a continuous basis and in a more sophisticated, systematic and professional manner. Towards achieving this, an organisation should further strengthen its Information Systems Security by setting up a SOC for continuous review, monitoring and mitigation of IT risks, threats and vulnerabilities.
Designing, building and managing a SOC can dramatically improve the ability of an organisation to recognise malicious information security events in a timely manner and take the necessary action to safeguard itself against them. A SOC can also assist in ensuring organisations leverage the full value of their often expensive investment in security technology and meet a multitude of regulatory compliance requirements.
Approaching the challenge across the full scope of People, Process and Technology will ensure the SOC is up to the task of effectively and efficiently recognizing and responding to malicious events.
Key responsibilities of the Information Security Governance and Compliance Office should include:
• Design security policy framework (including policies, processes, procedures)