This page is fully or partially automatically translated.

Send message to

Do you want to send the message without a subject?
Please note that your message can be maximum 1000 characters long
Special characters '<', '>' are not allowed in subject and message
reCaptcha is invalid.
reCaptcha failed because of a problem with the server.

Your message has been sent

You can find the message in your personal profile at "My messages".

An error occured

Please try again.

Make an appointment with

So that you can make an appointment, the calendar will open in a new tab on the personal profile of your contact person.

Create an onsite appointment with

So that you can make an onsite appointment, the appointment request will open in a new tab.

Make onsite appointment
it-sa 365: Header Desktop IABG
IT Security Talks Management I

Central Security Management using a Security Operations Center (SOC)

The presentation explains the necessity of a SOC and gives strategic recommendations for its deployment

Buy trade fair ticket

You can register for this action soon.

You can register for the digital action soon.

Please come back at the scheduled date and time.

The action is currently live. Please scroll down to watch.

This action is only available onsite: IT Security Talks

Save and remember action
close

This content or feature is available to the it-sa 365 community. 
Please register or log in with your login data.

Add action to bookmarks and download as iCal

Join now

Note: If you continue, the contact data you provided during registration may be transmitted to the respective provider in accordance with our General Terms and Conditions.

This action has already taken place. This action will soon be available as a video.

This action has already taken place. Please scroll down to watch the video.

This action has already taken place. It's not available any more.

You are in!

Your ticket / access to the action was sent to you by email.

There is a problem with the action at the moment. Please come back later or contact support.

calendar_today Tue, 15.06.2021, 11:00 - 11:15

event_available Digital

Action Video

south_east

Action description

south_east

Speaker

south_east

Themes

Data Center

Organizer

Event

This action is part of the event IT Security Talks

Action Video

grafischer Background
close

This video is available to the it-sa 365 community. 
Please register or log in with your login data.

Action description

Due to an increasingly far-reaching and comprehensive digitalisation and networking of IT and OT infrastructures, new attack possibilities are continuously emerging, such as phishing, SQL injection, ransomware, denial of service or advanced persistent threats. The associated risk situation as well as legal and regulatory framework conditions (e.g. IT Security Act) require an ever stronger focus on the detection, reporting and handling of security incidents related to the IT and OT infrastructure of the company. This task is typically performed by a Security Operations Centre (SOC).
The range of tasks of a SOC can be further detailed, for example, classic core tasks include
- The general guarantee of information security of the IT/OT infrastructures,
- identification of vulnerabilities,
- monitoring the IT/OT infrastructures and detecting attacks/incidents,
- in the coordinated remediation of security incidents, or
- in the measurability of the level of information security.
In addition, classic core tasks of a SOC are often combined with further tasks of a Computer Emergency Response Team (CERT) / Computer Security Incident Response Team (CSIRT), such as
- Observation of the general threat situation,
- the assessment of threats, including forensics, or
- the preparation of recommendations (advisories).
As an internal service provider of an organisation, a SOC therefore has numerous interfaces. It functions, for example, as a general contact point for security aspects of both users and administrators and is concerned with continuously increasing security awareness in the organisation. The SOC supports the management in complying with the issued security policies and provides corresponding evaluations, reports and situation pictures as required. For the detection and resolution of security incidents, there is close cooperation with those responsible for the IT/OT infrastructures.
The detection of security incidents is technically based on the evaluation of a multitude of log data from different log sources; these log sources can be, for example, network components such as routers or switches, client and server systems or security components such as firewalls, virus walls or intrusion detection systems. A SOC therefore usually offers a technical core function for the central collection and evaluation of log data, a so-called Security Information and Event Management (SIEM) system. This also enables the correlation of log data from different manufacturers and platforms and thus extensive and effective possibilities for the detection of security incidents. The SIEM visualises this in an integrated dashboard, generates corresponding events and alarms and thus forms an essential technical basis for the creation of an overall cyber security situation picture of the organisation.
Due to the extensive functions and tasks of a SOC, it is usually built up step by step. At the beginning, it is often advisable to centrally collect log data and use this as a basis for identifying security incidents. In the next step, further tasks can be added to resolve security incidents, up to and including threat intelligence and forensics.
An important aspect in setting up a SOC is the selection of a suitable operator model. In addition to traditional in-house operation and outsourcing of SOC tasks, a variety of hybrid operator models are conceivable. Organisational, strategic, technical and economic aspects should be taken into account when deciding on the appropriate operator model.
The presentation explains the necessity of a SOC for the operation of complex IT/OT infrastructures, shows its core functionality and gives strategic recommendations for the approach to implementation.

 ... read more

Language: German

Questions and Answers: Yes

Speaker

show more

You might also be interested in

it-sa 365 Key Visual
10/12/2023| 12:00 PM - 12:10 PM
Secure, Integrated Digital Workspaces with LEANEA

Explore LEANEA's approach to secure, integrated digital workspaces in the modern era.
Header of Serviceware SE
10/12/2023| 11:15 AM - 11:30 AM
Of cats and mice and AI in the Security Operations Centre

Vectra AI's advanced AI platform reveals attackers that otherwise remain hidden and helps to take...
header mobile lancom systems
10/11/2023| 12:15 PM - 12:30 PM
Secure practice networking

Telematics Infrastructure 2.0 requires a modern security architecture, accessibility of services ...
Header of Axelum s.r.o.
10/11/2023| 12:00 PM - 12:15 PM
The forgotten attack vector

Phishing and web attacks are getting harder, so attackers are turning to the forgotten vector. Ho...
it-sa 365 Key Visual
10/11/2023| 11:30 AM - 11:45 AM
Availability, security, energy optimization in the data center - 3 topics that complement each other

The responsible operation of a data center makes it possible to combine the conflicting areas of ...
close

This content or feature is available to the it-sa 365 community. 
Please register or log in with your login data.