JavaScript is disabled for your browser. Some features of this site may not work without it.
- ResearchSpace
- →
- Research Publications/Outputs
- →
- Journal Articles
- →
- View Item
| dc.contributor.author |
Mutemwa, Muyowa
|
|
| dc.contributor.author |
Mtsweni, Jabu S
|
|
| dc.date.accessioned | 2023-01-03T08:53:36Z | |
| dc.date.available | 2023-01-03T08:53:36Z | |
| dc.date.issued | 2022-03 | |
| dc.identifier.citation | Mutemwa, M. & Mtsweni, J.S. 2022. A cybersecurity architecture that supports effective incident response. <i>Journal of Information Warfare.</i> http://hdl.handle.net/10204/12566 | en_ZA |
| dc.identifier.issn | 1445-3312 | |
| dc.identifier.issn | 1445-3347 | |
| dc.identifier.uri | http://hdl.handle.net/10204/12566 | |
| dc.description.abstract | A Cybersecurity Operation Centre (SOC) is a centralized hub within an organisation that houses people, processes, and technologies aimed at continuous monitoring of the organization’s assets in order to prevent, detect, analyse, and respond to cybersecurity incidents against that organisation. SOCs are critical to the collection, analysis, and response to cybersecurity events and incidents faced by an organisation. This article discusses the architecture of an SOC that enables quick and timely responses to events and incidents. Firstly, the article describes an architecture of the SOC, the SOC’s processes, personnel, and technologies. Secondly, the article discusses what type of information and logs should be collected, analysed, and interpreted. Lastly the article discusses how to handle an incident through the six stages of incident response. | en_US |
| dc.format | Abstract | en_US |
| dc.language.iso | en | en_US |
| dc.relation.uri | https://www.jinfowar.com/journal/volume-21-issue-1/cybersecurity-architecture-supports-effective-incident-response | en_US |
| dc.source | Journal of Information Warfare | en_US |
| dc.subject | Cybersecurity | en_US |
| dc.subject | Cyber threats | en_US |
| dc.subject | Event Logs | en_US |
| dc.subject | Security Operating Centre | en_US |
| dc.subject | Threat Actors | en_US |
| dc.title | A cybersecurity architecture that supports effective incident response | en_US |
| dc.type | Article | en_US |
| dc.description.pages | 139-155 | en_US |
| dc.description.note | © Copyright 2022 Journal of Information Warfare. All Rights Reserved. Due to copyright restrictions, the attached PDF file only contains the abstract of the full text item. For access to the full text item, please consult the publisher's website: https://www.jinfowar.com/journal/volume-21-issue-1/cybersecurity-architecture-supports-effective-incident-response | en_US |
| dc.description.cluster | Defence and Security | en_US |
| dc.description.impactarea | Inf and Cybersecurity Centre | en_US |
| dc.identifier.apacitation | Mutemwa, M., & Mtsweni, J. S. (2022). A cybersecurity architecture that supports effective incident response. <i>Journal of Information Warfare</i>, http://hdl.handle.net/10204/12566 | en_ZA |
| dc.identifier.chicagocitation | Mutemwa, Muyowa, and Jabu S Mtsweni "A cybersecurity architecture that supports effective incident response." <i>Journal of Information Warfare</i> (2022) http://hdl.handle.net/10204/12566 | en_ZA |
| dc.identifier.vancouvercitation | Mutemwa M, Mtsweni JS. A cybersecurity architecture that supports effective incident response. Journal of Information Warfare. 2022; http://hdl.handle.net/10204/12566. | en_ZA |
| dc.identifier.ris | TY - Article AU - Mutemwa, Muyowa AU - Mtsweni, Jabu S AB - A Cybersecurity Operation Centre (SOC) is a centralized hub within an organisation that houses people, processes, and technologies aimed at continuous monitoring of the organization’s assets in order to prevent, detect, analyse, and respond to cybersecurity incidents against that organisation. SOCs are critical to the collection, analysis, and response to cybersecurity events and incidents faced by an organisation. This article discusses the architecture of an SOC that enables quick and timely responses to events and incidents. Firstly, the article describes an architecture of the SOC, the SOC’s processes, personnel, and technologies. Secondly, the article discusses what type of information and logs should be collected, analysed, and interpreted. Lastly the article discusses how to handle an incident through the six stages of incident response. DA - 2022-03 DB - ResearchSpace DP - CSIR J1 - Journal of Information Warfare KW - Cybersecurity KW - Cyber threats KW - Event Logs KW - Security Operating Centre KW - Threat Actors LK - https://researchspace.csir.co.za PY - 2022 SM - 1445-3312 SM - 1445-3347 T1 - A cybersecurity architecture that supports effective incident response TI - A cybersecurity architecture that supports effective incident response UR - http://hdl.handle.net/10204/12566 ER - | en_ZA |
| dc.identifier.worklist | 26310 | en_US |
