Most security operations centres (SOCs) function around the clock, with employees working in shifts to constantly log activity and mitigate threats. Prior to establishing a SOC, an organisation must define its cybersecurity strategy to align with current business goals and problems. Industry pundits look at SOC adoption and why it is garnering momentum in MEA.
By Manda Banda
A security operations centre (SOC) is a command centre facility for a team of IT professionals with expertise in information security (infosec) who monitor, analyse and protect an organisation from cyberattacks. In the SOC, Internet traffic, networks, desktops, servers, endpoint devices, databases, applications and other IT systems are continuously examined for signs of a security incident.
The overarching strategy of a SOC revolves around threat management, which includes collecting data and analysing that data for suspicious activity in order to make the entire organisation more secure. Raw data monitored by SOC teams is security-relevant and is collected from firewalls, threat intelligence, intrusion prevention and detection systems (IPSes/IDSes), probes, and security information and event management (SIEM) systems. Alerts are created to immediately notify team members if any of the data is abnormal or displays indicators of compromise (IOCs).
According to the 2021 IBM X-Force threat intelligence report, cyberattacks on healthcare, manufacturing and energy doubled from the year prior, with threat actors targeting organisations that could not afford downtime due to risks of disrupting medical efforts or critical supply chains.
Sheldon Hand, Data and AI, Automation and Security Business Unit Leader, IBM Southern Africa, said security is top of mind for all organisations across the MEA region. Hand said the COVID-19 pandemic has had widespread impact and the MEA region is also faced with a growing remote workforce which results in sensitive data moving across less controlled environments with limited network visibility, making it more vulnerable to data breaches. “These are shifts affecting the market and facing many organisations
Dimitris Raekos, Sales Director, MEA SOCRadar
www.intelligentcio.com INTELLIGENTCIO MIDDLE EAST