Challenges towards Building an effective Cyber Security Operations Centre

International Journal On Cyber Situational Awareness (IJCSA)

ISSN: (Print) 2057-2182 ISSN: (Online) 2057-2182

DOI: 10.22619/IJCSA

Published Semi-annually. Est. 2014

Editor-in-Chief:

Dr Cyril Onwubiko, Chair – Cyber Security & Intelligence, E-Security Group, Research Series, London, UK; IEEE UK & Ireland Section Secretary

Associate Editors:

Professor Frank Wang, Head of School / Professor of Future Computing, Chair IEEE Computer Society, UK&RI, School of Computing, University of Kent, Canterbury, UK

Professor Karen Renaud, Professor of Cyber Security, University of Abertay, Dundee, Scotland, UK


Challenges towards Building an effective Cyber Security Operations Centre

Cyril Onwubiko and Karim Ouazzane

Abstract:

The increasing dependency of modern society on IT systems and infrastructures for essential services (e.g. internet banking, vehicular networks, health IT) coupled with the growing number of cyber incidents and security vulnerabilities has made the Cyber Security Operations Centre (CSOC) undoubtedly vital. As such, security operations monitoring is now an integral part of most business operations. SOCs (the term is used interchangeably with CSOCs) are responsible for continuously and proactively monitoring business services, IT systems and infrastructures to identify vulnerabilities, detect cyber-attacks, security breaches and policy violations, and to respond to cyber incidents swiftly. They must also ensure that security events and alerts are triaged and analysed, while coordinating and managing cyber incidents through to resolution. Because SOCs are vital, it is also necessary that SOCs are effective. Unfortunately, the effectiveness of SOCs is a widespread concern and the subject of ongoing debate. In this paper, we identify and discuss some of the pertinent challenges to building an effective SOC. We investigate some of the factors contributing to the inefficiencies in SOCs and explain some of the challenges they face. Further, we provide and prioritise recommendations for addressing the identified issues.

Keywords: Cyber Security Operations Centre, CSOC, SOC, Cyber Operations, Cyber Onboarding, Effective SOC & Challenges

ISSN: 2057-2182

Volume 4. No. 1

DOI: 10.22619/IJCSA.2019.100124

Date: Dec. 2019

Reference to this paper should be made as follows: Onwubiko, C. and Ouazzane, K. (2019). Challenges towards Building an effective Cyber Security Operations Centre. International Journal on Cyber Situational Awareness, Vol. 4, No. 1, pp11-39.
