Pedro Vieira – Instituto Politécnico de Setúbal, Setúbal – Portugal
Leonilde Reis – Instituto Politécnico de Setúbal, Setúbal – Portugal
Keywords: Information; Information security; Cybersecurity; Security Operations Center; Security information; Event management
Abstract: Nowadays, information is an essential resource and a valuable asset. Like any other asset, information is potentially vulnerable and subject to various threats, whether deliberate or accidental. The methodology adopted for the study was exploratory and descriptive, focusing on document analysis of information in the subject area. The paper focuses on the operationalisation and management of the Security Operations Center (SOC), to foster and optimise the definition of policies and instruments for data loss prevention and recovery, as well as to carry out training actions for employees. The main results emphasise that cybersecurity involves a set of tools, policies, guides, risk management approaches, training actions, good practices and technologies that can be used to protect the assets of organisations and users in cyberspace, to preserve and guarantee the so-called information security triad.
6th International Scientific Conference on Recent Advances in Information Technology, Tourism, Economics, Management and Agriculture – ITEMA 2022 – Conference Proceedings, Hybrid (University of Maribor, Slovenia), October 27, 2022
ITEMA Conference Proceedings published by: Association of Economists and Managers of the Balkans – Belgrade, Serbia
ITEMA conference partners: Faculty of Economics and Business, University of Maribor, Slovenia; Faculty of Organization and Informatics, University of Zagreb, Varaždin; Faculty of Geography, University of Belgrade, Serbia; Institute of Marketing, Poznan University of Economics and Business, Poland; Faculty of Agriculture, Banat’s University of Agricultural Sciences and Veterinary Medicine “King Michael I of Romania”, Romania
ITEMA Conference 2022 Conference Proceedings: ISBN 978-86-80194-63-9, ISSN 2683-5991, DOI: https://doi.org/10.31410/ITEMA.2022
Creative Commons Non Commercial CC BY-NC: This article is distributed under the terms of the Creative Commons Attribution-Non-Commercial 4.0 License (https://creativecommons.org/licenses/by-nc/4.0/) which permits non-commercial use, reproduction and distribution of the work without further permission.
Suggested citation
Vieira, P., & Reis, L. (2022). Information Security – SOC Potentialities. In V. Bevanda (Ed.), International Scientific Conference ITEMA 2022: Vol 6. Conference Proceedings (pp. 91-97). Association of Economists and Managers of the Balkans. https://doi.org/10.31410/ITEMA.2022.91