Information Security Operation Center Case Analysis
The increasing growth of cybercrime and the associated risks are forcing most organizations to focus more attention on information security. It is critical that organizations must find a way to protect their data. This article will describe how to plan, develop and create an Information Security Operation Center (ISOC). Basically, an ISOC brings together the many isolated monitoring and response functions in a unified framework. Therefore, having an ISOC will benefit organizations in real time security incident management, monitoring and improving threat analysis across network systems, efficient forensics and root cause analysis. Building an ISOC requires significant technical resources and time. This article will be focusing …show more content…
The cybercrime positions are information security analyst, incident response/management, vulnerability management and computer forensic. The first cyber team is vulnerability management, which is the process in which vulnerabilities in IT are identified and the risks of these vulnerabilities are evaluated. This evaluation leads to correcting the vulnerabilities and removing the risk or a formal risk acceptance by the management of an organization (Palmaers, 2013). Organizations need to have a computer forensic officer or a team to prepare when computer incident happen. The computer forensic response team responsibility is to perform crime investigations by using evidence from digital data to find who was the responsible for that particular crime. To protect a corporate from any network attack, it is critical that an organization should have an Incident Response team, who can help monitoring and detecting the organization network security events.
By using an IDS/IPS and network monitoring tools, the Incident Response team monitor and detect malicious attacks and escalate the attacks to higher management