What is a Security Operations Center and why do you need it?

Your company has digital assets that need to be protected. GDPR requires that a company detect any security incident involving personal data and report it within 72 hours, so you also have a legal obligation to be secure. You have responsibly defended yourself with cyber security tools like firewalls, antivirus and intrusion detection. So you’re good, right? Well, maybe not.

Put guards on your walls

This defensive equipment is set to perform specific tasks, but new vulnerabilities are discovered every day. New attacks and new threats constantly develop. These defensive tools are useful, but there is no such thing as 100% protection. If you haven’t been breached yet, most likely you will be.

Only having security tools is like building a wall to keep out the barbarians but neglecting to staff it with guards. You can’t just install your security tools and leave them running; you need someone to also monitor what is going on.

When an incident happens, you need to detect it and respond very quickly. This is the job of the Security Operations Center (SOC), and this is what makes it invaluable.

Be active, not passive

An SOC is a department which is dedicated and organized to prevent, detect, assess and respond to security issues in IT systems and IT infrastructure. These are your guards on the walls, ready to react when they see barbarians at the gate. An SOC can be either your own department or a provider of SOC as a service.

Basefarm’s SOC includes:

  • Certified security Alert Analysts who review and act on security incidents 24/7/365.
  • A Security Incident Response Team (BF-SIRT) who work on incidents escalated from the security analysts.
  • Security Engineers who continuously improve and implement security solutions and are ready to react to emerging threats.

More than simply reacting to events

An SOC responds quickly to incidents, but these security experts also provide proactive security. They are aware of new threats before they materialize. They know what hardware and software you are running, so they can keep an eye on specific developing threats. They provide suggestions to improve and strengthen your IT environment. When something does occur, they can help with forensics so that you learn from the incident and take steps to further strengthen your defenses.

Fredrik Svantes (Basefarm)

Read more about our SOC services here.

About the author: Fredrik Svantes is Senior Information Security Manager and Head of the Basefarm Security Operations department.
