Cyber security has become fundamental for companies that want to grow, a process that involves skilled people and cutting-edge tools. But where to start?
The so-called security operations centres, the SOCs, play a key role in this context.
It doesn't matter the size of the company. Businesses large and small need to monitor systems to detect potential threats and respond in the event of an event. Many are turning to the deployment or enhancement of SOCs to boost protection against cyber threats.
The idea of security operations was born in the US government in 1966. The purpose was to investigate what caused the failures of combat strategy during the Vietnam War.
Behind the investigation processes of that time, there were concepts that, to this day, are applied in cyber security.
These are five pillars that remain the essence of many market models, such as the NIST Cybersecurity Framework:
- Identification of critical information;
- Threat analysis;
- Vulnerability analysis;
- Risk assessment;
- Implementation of action plan.
Since then, the world has changed and, with the internet connecting people and businesses, the rate of attacks has also grown at the same speed.
We had large-scale attacks in the 2000s that caused millions of dollars in damage to US companies. You probably remember the MafiaBoy case, which caused a $1.2 billion breach at the time with a DDoS attack against websites including Amazon, eBay, CNN and Yahoo! Or, the case where teenagers broke into the US Department of Defense, the year was 1999, obtained sensitive information and thus managed to steal some of NASA's code.
All of this triggered a series of developments in cyber security. One of them was the concept of SOC, which was born in the US military in the mid-2000s and established the basic principles of monitoring, operation and control used today.
In parallel with this historical context, ISH created its SOC based on the best concepts that existed in the market in 2006. In the following years, the SOC was being improved. But it was in 2016 that there was a milestone, with the revision of the concepts of architecture of the company's SOC. New methodologies for monitoring and detection, and incident response were addressed. The aim was to bring a more advanced security offering to the market.
But why is this more innovative view of SOC important for companies that want to do business in a hyper-connected world? That's the subject of our next post in the series "The evolution of security in business". Read here.