What is the security operations centre?

The security operations center (SOC) is provided by Ignite Systems, a company specialising in providing cyber security services to small business.

The SOC facility houses an information security team responsible for monitoring and analysing an organisation’s security posture on an ongoing basis.  The SOC team’s goal is to detect, analyse, and respond to cyber security incidents using a combination of technology solutions and a strong set of processes.

The SOC is responsible for ensuring that managed computers are monitored, threat intelligence is considered, and threats are correctly identified, analysed, defended, investigated, and reported.

x

The proof is in the numbers

Business security used to be simple: Set everything up and check every now and then to make sure it was all working.  Now the cyber threat landscape is constantly evolving, and static security is no longer adequate. 

The figures are proof that businesses need better cyber security:

• 4.1 billion records exposed through data breaches in the first half of 2019
• 43% of cyber-attacks target small business.
• $300 million in losses per year in Australia due to cybercrime.
• 59,806 cybercrime reports to the ACSC in the period 1 July 2019 to 30 June 2020.
• Significant increase in Business Email Compromise over last 12 months according to ACSC.
• 62% of small businesses experienced a cyber security incident (ACSC small business survey).
• 67% increase in security breaches globally since 2014.

How a SOC works

Not the Ignite Systems SOC, but this will give you an overview of how a SOC works.

The mission of the SOC team is to continually monitor cyber security health and respond to alerts and incidents.  The resources available to the SOC includes:

• Real-time monitoring and alerting.
• Tools to analyse aggregated log and event data.
• Machine learning and artificial intelligence aids in identifying threats.
• Threat intelligence information from a range of sources.
• Tools to analyse suspected threats.

The SOC maintains a laser focus on what’s happening across all managed computers, keeps its fingers on the pulse of an ever-evolving threat landscape, and stays ahead of the bad guys.