Information security management in SOCs and SICs

摘要

At present new sophisticated attacks make organizations' IT infrastructure (ITI) break-in more professional and dangerously effective. All organizations must oppose this properly designed and centralized information security (IS) management systems. Learn from the past helps to avoid the consequences of serious IS incidents in the future. Therefore, IS management is necessary for rapidly detecting IS incidents, minimizing loss and destruction caused by then, mitigating the vulnerabilities exploited and restoring organizations' ITIs. This process can be implemented based on Security Operations Centers (SOCs) and Security Intelligence Centers (SICs) as their next evolution step. SOCs' main functions and serious limitations are defined. The SICs' concept and functioning are analyzed. The main areas of further research conclude the paper.