Electronic data and people's lives are becoming more closely intertwined, leading to the formation of a digital society where the Internet is being used to process an ever-increasing volume of data exchanges and transactions. This trend is blurring the boundary between the real world and virtual spaces, resulting in a greater impact from cyber attacks. A fundamental requirement for all businesses is security monitoring to detect such attacks. Security monitoring is usually performed under the management of a security operations centre (SOC). However, to cope with the continued rise in cyber attacks, organisations as a whole must continue to innovate. This paper describes an innovative approach to improve incident response in a SOC or a response by the Advanced Threat Centre (ATC) which realizes security automation and orchestration as a new model to support effective security monitoring.