good analysts Andrey Strashnov, Head of the Department of the Main Directorate for Information Security and Information Protection of the Bank of Russia, said that the bank’s SOC is connected to the access control systems (ACS) and provides the ability to analyze situations when a person is physically in another place and cannot log in to a specific computer with their password. And standard functions for access control to AD and DBMS, network equipment activity, and antivirus protection. All of this is constantly monitored in real time.
The SOC on duty shift of the Bank of Russia includes 10 peopl good analysts
Not every organization can afford to keep such a staff of employees. needed, of which there are not many on the market. So in practice, only large organizations, such as Sberbank , can deploy their SOC . Or Gazprombank, whose SOC staff, according to Alexey Pleshkov, head of the department for information security, protection and informatization of the bank, includes 12 people.
This leads to the fact that in Russia special lead there are only 10-15 of their own SOC. Other organizations cannot afford this. But they can turn to commercial SOCs. Which can take them for maintenance. In this case, a device is connected to the enterprise network, transmitting logs of devices, switches, routers to the contractor’s commercial SOC, where constant monitoring of the customer’s system is carried out in real time.
A commercial SOC can significantly
simplify the task of protection, but it will not be possible to outsource everything. The decision-making function must remain on the customer’s side. So he still cannot do without his own information security service.
Cyber threats have long ceased to be
Something mythical, unreal i meta introduces a new way to publish everyday life, like the “white walkers”. “It’s time to join the fight. You are now in a great game, and great games are terrible,” the organizers recalled the words of Tyrion Lannister. It is clear that cybersecurity trades in fear, but at the same time, one cannot aero leads help but admit that these fears are not groundless. The competition between projectiles and armor continues, and using SOC undoubtedly increases your protection.