Due to an increasingly far-reaching and comprehensive digitalisation and networking of IT and OT infrastructures, new attack possibilities are continuously emerging, such as phishing, SQL injection, ransomware, denial of service or advanced persistent threats. The associated risk situation as well as legal and regulatory framework conditions (e.g. IT Security Act) require an ever stronger focus on the detection, reporting and handling of security incidents related to the IT and OT infrastructure of the company. This task is typically performed by a Security Operations Centre (SOC).
The range of tasks of a SOC can be further detailed, for example, classic core tasks include
- The general guarantee of information security of the IT/OT infrastructures,
- identification ...