Towards an advanced Security Operations Centre | Sunday Observer


Another end-to-end Security Operations Centre (SOC) workshop was hosted by the Just In Time Group (JIT) in collaboration with RSA Security at the ‘11th Annual National Conference on Cyber Security’ at the Colombo Hilton in November last year.

Digital transformation is no doubt accelerating and disrupting every industry all over the world and it is important to intelligently manage the growing digital risks that arise with it.

ICT professionals came together at the ‘11th Annual National Conference on Cyber Security’ to understand, and to educate others on, how these risks could be mitigated.

The key feature of this event was the launch of the ‘Sri Lanka Information and cyber security strategy’ for the next five years.

JIT and RSA Security conducted a workshop on ‘Advanced Security Operations Centre’ to share knowledge and awareness on building resilient and comprehensive business-driven security solutions.

Team JIT and RSA conducted a comprehensive end-to-end walk-through of RSA’s Advanced SOC, starting from compliance-driven security event management and moving on to advanced threat detection and response, guiding the registered participants through each half-hour session.

Information Security Engineer at JIT, Pulasthi Jayasinghe said, “We wanted to educate about the importance of building an intelligent SOC and how its security solutions can handle risks that arise from cyber security attacks.

“This is actually necessary to protect your business from today’s evolving threat vectors.

“The professionals, who are already involved in security operations, found it significant how RSA, as a technology vendor, contributes to simplifying the ‘Process’ and resolving the security skills gap headache of the SOC,” he said.

Chief Cyber Security Advisor, RSA International (APJ and EMEA), Leonard Kleinman said, “The successful implementation and refinement of an intelligent SOC provides the ability to compress the timeframe between discovery and remediation. In doing so you significantly reduce attacker dwell time and digital risk to the organisation.”

“Organisations across industries face a Catch-22 with technology: The very technologies they need to compete — cloud applications, virtual infrastructure and mobile devices — provide attackers with more vulnerabilities to exploit and more ways to evade detection. Meanwhile, attackers have more resources than ever for surveilling organisations’ infrastructure and launching their attacks, while security teams struggle with a talent shortage and an ever-expanding list of alerts,” he said.

“The RSA NetWitness Platform was designed with these challenges in mind. It brings together evolved SIEM and threat defense solutions that deliver unsurpassed visibility, analytics and automated response capabilities to help security teams detect, prioritize and investigate threats across their organization’s entire infrastructure,” Kleinman said.

The Advanced SOC end-to-end session included an insightful discussion of the importance of a SOC and its key deliverables, and it also covered several RSA SOC topics in depth. The JIT team, along with RSA, also spoke about the phases of SOC deployment and the solution’s features, starting from visibility into logs, packets, flow data, end-points and threat intelligence, and extending to User and Entity Behavior Analysis (UEBA) and Security Orchestration and Automation.

The RSA NetWitness Platform is a combination of technology and services that gives security operations teams the complete visibility they need to identify threats and investigate attacks, including the most advanced attacks, before they can impact the business, as well as the tools to take targeted action on the most critical incidents.

Incident Response with RSA NetWitness Platform was demonstrated with several examples such as the RSA NetWitness Orchestrator, the Security Orchestration, Automation and Response (SOAR) platform from RSA.

RSA is a strategic principal of JIT. Founded in 1996, JIT is a veteran in the ICT Systems and Integrated Solutions sector in Sri Lanka.

JIT has been recognized in the APAC CIO Outlook magazine’s Annual Top 25 Government and Public Sector Technology Providers in 2017 and was the only local company to be featured. With over two decades of excellence, JIT provides cutting-edge integrated solutions to telecommunications, government, health, defence, and financial sectors.