Cybersecurity – Security Operations Center

Sixth International Scientific Conference ITEMA Recent Advances in Information Technology, Tourism, Economics, Management and Agriculture Pub Date : 1900-01-01 DOI:10.31410/itema.2022.99

Pedro Falé, Leonilde Reis, Rui Almeida

{"title":"Cybersecurity – Security Operations Center","authors":"Pedro Falé, Leonilde Reis, Rui Almeida","doi":"10.31410/itema.2022.99","DOIUrl":null,"url":null,"abstract":"Currently, most organizations are dependent on Information and Communication Technologies, in the sense of accomplishing their underlying business activities. In this scope, cybersecurity is considered the domain that has the strength to protect sensitive information, be it at the individual level or in an organizational context. The objective of this paper is to introduce the concept, relevance, and functions of a Security Operations Centre. The methodology underlying the study was based on the use of the MITRE Adversarial Tactics, Techniques and Common Knowledge framework as a matrix of tactics and techniques based on real scenario observations. The main results emphasize the importance of incorporating the Security Operations Center as a barrier against cybersecurity threats. Security Operations Center brings additional value to the organizational context, through people, processes and technologies while also using several frameworks to improve work management, incident response and incident control.","PeriodicalId":389229,"journal":{"name":"Sixth International Scientific Conference ITEMA Recent Advances in Information Technology, Tourism, Economics, Management and Agriculture","volume":"50 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Sixth International Scientific Conference ITEMA Recent Advances in Information Technology, Tourism, Economics, Management and Agriculture","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.31410/itema.2022.99","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

Currently, most organizations are dependent on Information and Communication Technologies, in the sense of accomplishing their underlying business activities. In this scope, cybersecurity is considered the domain that has the strength to protect sensitive information, be it at the individual level or in an organizational context. The objective of this paper is to introduce the concept, relevance, and functions of a Security Operations Centre. The methodology underlying the study was based on the use of the MITRE Adversarial Tactics, Techniques and Common Knowledge framework as a matrix of tactics and techniques based on real scenario observations. The main results emphasize the importance of incorporating the Security Operations Center as a barrier against cybersecurity threats. Security Operations Center brings additional value to the organizational context, through people, processes and technologies while also using several frameworks to improve work management, incident response and incident control.

查看原文本刊更多论文

网络安全—安全运营中心

目前，大多数组织都依赖于信息和通信技术来完成其基本的业务活动。在这个范围内，网络安全被认为是具有保护敏感信息的力量的领域，无论是在个人层面还是在组织环境中。本文的目的是介绍安全行动中心的概念、相关性和功能。该研究的基本方法是基于MI-TRE对抗性战术、技术和常识框架的使用，作为基于真实情景观察的战术和技术矩阵。主要结果强调了将安全运营中心作为抵御网络安全威胁的屏障的重要性。安全运营中心通过人员、流程和技术为组织环境带来了额外的价值，同时还使用了几个框架来改进工作管理、事件响应和事件控制。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Sixth International Scientific Conference ITEMA Recent Advances in Information Technology, Tourism, Economics, Management and Agriculture

自引率

0.00%

发文量