All Articles

COVID-19: How To protect Organizations from Cyber Attack using iSOC

Posted by MUKESH KUMAR BANSAL on June 14, 2020 at 3:06am

Lets talk on why we need iSOC in the COVID situation. 

Enterprises are moving towards a different working organization due to Covid19 pandemic situation - major part of employees within the organization are bound to work remotely, which is increasing their exposure to security threats including phishing, hacking, adware & malware attacks, e-mail & application vulnerabilities etc.

Means the COVID-19 pandemic has led to a surge in cybercrime, and moreover attackers use people’s fears to prey on businesses and individuals.

Security Challenges during COVID-19

During this new Normal situation, business are facing following few major challenges:

  1. Insider threats risks due to working from home scenario
  2. Increased phishing email attacks,
  3. Weak endpoint security due to unsecure home network as well as personal devices
  4. Increased malware/ ransomware attacks in this new normal working situations

In times of this crisis, good security practices are often the first thing to go.

iSOC offer addresses all these challenges and provide a seamless experience to our esteemed customers and end users.

 

Lets Talk what is iSOC

In Normal SOC, Security Analyst performs various generic SOC activities like (not an exhaustive list):

  1. Alerts & Notification
  2. Proactive Monitoring
  3. Event correlation
  4. Compliance & Audit
  5. VAPT
  6. Risk management

 

In normal monitoring, if your security alert tool providers are not updated to handle zero days vulnerability, you are prone to get attacked as many of tool providers, we have seen, not upto date on their threat signature updates.

 

How to Build iSOC

We suggest following best practices for iSOC

  1. Use public clouds for new iSOC development – it reduces hardware procurement cycle as well as manually managing high availability and disaster recovery functionalities which are very important for iSOC. It also helps for connecting iSOC from anywhere as your iSOC team may be working from home at this COVID-19 time.
  2. Use industry standard SOC and Runbook template instead of reinventing these
  3. Use various AIML based iSOC enablers like threat hunting automation, Phishing emails attacks analysis automation etc. to automate and to make these operations more proactive and intelligent. These enablers help to detect almost Realtime threats and prepare your periphery security devices to block such attacks.

 

Please connect me for more information.

Views: 150
Tags: #COVID-19, #PhisingEmailAnalysisAutomation, #ThreatHuntingAutomation, #iSOC, #intellgentSOC
E-mail me when people leave their comments –
Follow

You need to be a member of CISO Platform to add comments!

Join CISO Platform

CISO Platform

A global community of 5K+ Senior IT Security executives and 40K+ subscribers with the vision of meaningful collaboration, knowledge, and intelligence sharing to fight the growing cyber security threats.

Join CISO Community Share Your Knowledge (Post A Blog)