Challenges towards building an effective cyber security operations centre
The increasing dependency of modern society on IT systems and infrastructures for essential services (e.g. internet banking, vehicular network, health-IT, etc.) coupled with the growing number of cyber incidents and security vulnerabilities have made cyber security operations centre (CSOC) undoubted...
| Main Authors: | , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
AIRCC Publishing Corporation
2019
|
| Subjects: | |
| Online Access: | https://repository.londonmet.ac.uk/5293/1/IJCSA-Journal-Challenges%20towards%20building%20an%20effective%20CSOC%20v0.8_21st-September_repository.pdf |
| _version_ | 1804072447039766528 |
|---|---|
| author | Onwubiko, Cyril Ouazzane, Karim |
| author_facet | Onwubiko, Cyril Ouazzane, Karim |
| author_sort | Onwubiko, Cyril |
| collection | LMU |
| description | The increasing dependency of modern society on IT systems and infrastructures for essential services (e.g. internet banking, vehicular network, health-IT, etc.) coupled with the growing number of cyber incidents and security vulnerabilities have made cyber security operations centre (CSOC) undoubtedly vital. As such security operations monitoring is now an integral part of most business operations. SOCs (used interchangeably as CSOCs) are responsible for continuously and protectively monitoring business services, IT systems and infrastructures to identify vulnerabilities, detect cyber-attacks, security breaches, policy violations, and to respond to cyber incidents swiftly. They must also ensure that security events and alerts are triaged and analysed, while coordinating and managing cyber incidents to resolution. Unfortunately, the effectiveness f SOCs are a widespread concern and a focus of boundless debate. In this paper, we identify and discuss some of the pertinent challenges to building an effective SOC. Further, we provide and prioritise recommendations to addressing the identified issues. |
| first_indexed | 2024-07-09T03:59:17Z |
| format | Article |
| id | oai:repository.londonmet.ac.uk:5293 |
| institution | London Metropolitan University |
| language | English |
| last_indexed | 2024-07-09T03:59:17Z |
| publishDate | 2019 |
| publisher | AIRCC Publishing Corporation |
| record_format | eprints |
| spelling | oai:repository.londonmet.ac.uk:52932020-08-24T08:24:02Z http://repository.londonmet.ac.uk/5293/ Challenges towards building an effective cyber security operations centre Onwubiko, Cyril Ouazzane, Karim 000 Computer science, information & general works The increasing dependency of modern society on IT systems and infrastructures for essential services (e.g. internet banking, vehicular network, health-IT, etc.) coupled with the growing number of cyber incidents and security vulnerabilities have made cyber security operations centre (CSOC) undoubtedly vital. As such security operations monitoring is now an integral part of most business operations. SOCs (used interchangeably as CSOCs) are responsible for continuously and protectively monitoring business services, IT systems and infrastructures to identify vulnerabilities, detect cyber-attacks, security breaches, policy violations, and to respond to cyber incidents swiftly. They must also ensure that security events and alerts are triaged and analysed, while coordinating and managing cyber incidents to resolution. Unfortunately, the effectiveness f SOCs are a widespread concern and a focus of boundless debate. In this paper, we identify and discuss some of the pertinent challenges to building an effective SOC. Further, we provide and prioritise recommendations to addressing the identified issues. AIRCC Publishing Corporation 2019-12 Article PeerReviewed text en cc_by_nc_nd_4 https://repository.londonmet.ac.uk/5293/1/IJCSA-Journal-Challenges%20towards%20building%20an%20effective%20CSOC%20v0.8_21st-September_repository.pdf Onwubiko, Cyril and Ouazzane, Karim (2019) Challenges towards building an effective cyber security operations centre. International Journal on Computational Science & Applications, 4 (1). pp. 11-39. ISSN 2200-0011 https://www.c-mric.com/100124 10.22619/IJCSA.2019.100124 |
| spellingShingle | 000 Computer science, information & general works Onwubiko, Cyril Ouazzane, Karim Challenges towards building an effective cyber security operations centre |
| title | Challenges towards building an effective cyber security operations centre |
| title_full | Challenges towards building an effective cyber security operations centre |
| title_fullStr | Challenges towards building an effective cyber security operations centre |
| title_full_unstemmed | Challenges towards building an effective cyber security operations centre |
| title_short | Challenges towards building an effective cyber security operations centre |
| title_sort | challenges towards building an effective cyber security operations centre |
| topic | 000 Computer science, information & general works |
| url | https://repository.londonmet.ac.uk/5293/1/IJCSA-Journal-Challenges%20towards%20building%20an%20effective%20CSOC%20v0.8_21st-September_repository.pdf |
| work_keys_str_mv | AT onwubikocyril challengestowardsbuildinganeffectivecybersecurityoperationscentre AT ouazzanekarim challengestowardsbuildinganeffectivecybersecurityoperationscentre |