OASIcs.SLATE.2024.13.pdf
- Filesize: 0.6 MB
- 12 pages
Organizations face cybersecurity challenges due to the increase in cyber threats and vulnerabilities, insufficient cybersecurity frameworks, and a scarcity of proficient cybersecurity experts. The criticality of mitigating these challenges is underscored by the European Union’s Network and Information Systems (NIS) Directive. This directive is instrumental in fostering a uniformly high level of cybersecurity throughout the EU, mandating that Member States implement robust national cybersecurity strategies and collaborate effectively in responding to cyber incidents. A possible solution is the implementation of a Security Operations Center (SOC). However, SOCs are not a one-size-fits-all solution, and each organization has specific needs depending on its business domain. Implementing a SOC can be complex, and it can be simplified when organizations identify, in the initial stages, the infrastructural challenges that may emerge during implementation. In this paper, we analyzed the main considerations that should be taken into account when using the current frameworks reviewed in the literature. We identified the core operating models that are currently in use and being deployed, and the best practices for designing a SOC’s infrastructure.