Classification of Security Operation Centers

Jacobs, PArnab, AIrwin, B2014-05-262014-05-262013-08Jacobs, P, Arnab, A and Irwin, B. 2013. Classification of Security Operation Centers. In: Information Security for South Africa (ISSA) Conference, Johannesburg, South Africa, 14 - 16 August 2013http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6641054http://hdl.handle.net/10204/7431Information Security for South Africa (ISSA) Conference, Johannesburg, South Africa, 14 - 16 August 2013. Abstract only attached.Security Operation Centers (SOCs) are a necessary service for organisations that want to address compliance and threat management. While there are frameworks in existence that addresses the technology aspects of these services, a holistic framework addressing processes, staffing and technology currently do not exist. Additionally, it would be useful for organizations and constituents considering building, buying or selling these services to measure the effectiveness and maturity of the provided services. In this paper, we propose a classification and rating scheme for SOC services, evaluating both the capabilities and the maturity of the services offered.enSecurity Operation CentersSOCsComputer incidentResponse teamMaturity modelClassification matrixClassification of Security Operation CentersConference PresentationJacobs, P., Arnab, A., & Irwin, B. (2013). Classification of Security Operation Centers. IEEE Xplore. http://hdl.handle.net/10204/7431Jacobs, P, A Arnab, and B Irwin. "Classification of Security Operation Centers." (2013): http://hdl.handle.net/10204/7431Jacobs P, Arnab A, Irwin B, Classification of Security Operation Centers; IEEE Xplore; 2013. http://hdl.handle.net/10204/7431 .TY - Conference Presentation AU - Jacobs, P AU - Arnab, A AU - Irwin, B AB - Security Operation Centers (SOCs) are a necessary service for organisations that want to address compliance and threat management. While there are frameworks in existence that addresses the technology aspects of these services, a holistic framework addressing processes, staffing and technology currently do not exist. Additionally, it would be useful for organizations and constituents considering building, buying or selling these services to measure the effectiveness and maturity of the provided services. In this paper, we propose a classification and rating scheme for SOC services, evaluating both the capabilities and the maturity of the services offered. DA - 2013-08 DB - ResearchSpace DP - CSIR KW - Security Operation Centers KW - SOCs KW - Computer incident KW - Response team KW - Maturity model KW - Classification matrix LK - https://researchspace.csir.co.za PY - 2013 T1 - Classification of Security Operation Centers TI - Classification of Security Operation Centers UR - http://hdl.handle.net/10204/7431 ER -