Response to discussion enclosed herewith


Computer Science

Description

Cyber-attacks are a severe and ever-growing threat. The attacks can cost millions of dollars in losses, not to mention the public relations issues that accompany the clean-up. With the increase in federal government contracts that Sifers-Grayson is acquiring, the cyber-attack footprint is growing as well. In short, this company needs a location to house where all the security information is collected, analyzed and, if required, acted upon (White, 2016). A Security Operations Center (SOC) is an area that houses a group of highly trained IT specialists armed with an array of detection and prevention technologies to prevent, respond to and remediate any cyber threat. The primary responsibility is to ensure the “confidentiality, integrity, and availability of the modern information technology (IT) enterprise” (Zimmerman, 2014). Keeping information safe and secure and away from people with nefarious intentions is an absolute must for an organization that is working to obtain more government contracts. Three primary building blocks are required to stand up a SOC: People, Technology, and Process (Torres, 2015).

An effective and efficient SOC needs a group of well-trained IT specialists to deal with a constantly evolving threat. Sifers-Grayson may have a few in-house specialists ready to join the SOC, but will most likely need to bring in some contractors to assist in covering incident responses. Proper staffing of a SOC will harden the security of the network, and make it that much harder for hackers to infiltrate the company and steal critical information vital to the success of the organization.

Processes must be developed to standardize the roles and responsibilities at all levels of the SOC organization, including the senior leadership of the organization. Consistent procedures will ensure the efficient completion of the four phases of incident response: Preparation; Detection and Analysis; Containment, Eradication, and Recovery; and Post-Incident Activity (Cichonski, Millar, Grance & Scarfone, 2012). Following processes put in place before an event occurs will give the SOC a head start in combating the chameleon tendencies of the bad guys.

The final piece of the SOC is technology. Obtaining an enterprise array of data collection, detection, and analytic solutions will help to fend off attacks from a multitude of sources. Proper security monitoring takes into consideration data gathered from all endpoints (PCs, mobile devices, laptops, and servers) (Torres, 2015). This valuable input can allow the staff of the SOC to monitor those endpoints and, should an incident occur, stop it quickly and immediately shift into investigative mode. Proper technology can enhance the effectiveness of the SOC and the effectiveness of an organization to respond to attacks, as well as mitigate future attacks.

Conclusion

While establishing a SOC may seem cost prohibitive, it can save money for Sifers-Grayson in the long run. The cost of adding trained staff is pocket change compared to the amount it would cost the organization if it did not meet compliance with HIPAA, PCI DSS, or any regulatory requirements that the data must meet (White, 2016). The technology required for the SOC to be effective is not cheap, but neither is the public relations mess or lost contracts that might occur should there be a significant data breach. Creating the SOC in totality (people, processes, and technology) may cost a considerable amount of money, but how do you put a price on the company’s reputation?

Cichonski, P., Millar, T., Grance, T., & Scarfone, K. (2012, August). Computer Security Incident Handling Guide (NIST). Retrieved November 29, 2017, from http://nvlpubs.nist.gov/nistpubs/SpecialPublicatio...

Torres, A. (2015, May). Building a world-class security operations center: A roadmap. Retrieved November 26, 2017, from https://www.sans.org/reading-room/whitepapers/anal...

White, M. (2016, February 11). Why security operations center are critical to organizations. Retrieved November 26, 2017, from http://www.informationsecuritybuzz.com/articles/wh...

Zimmerman, C. (2014). Ten strategies of a world-class cybersecurity operations center. Retrieved November 28, 2017, from https://www.mitre.org/sites/default/files/publicat...


Explanation & Answer

Have a look at it; I am done.

I concur with you, but you need to understand that a cyber-attack is any type of offensive that is caused by an individual, group, or organization, and its main target is the computer information system, whose main aim is to destroy a specified target by hacking. Cyber-attacks are a severe and ever-growing threat. The attacks can cost millions of dollars in losses, not to mention the public relations issues that accompany the clean-up. With the increase in federal government contracts that Sifers-Grayson is acquiring, the cyber-attack footprint is growing as well. In short, this company needs a location to house where all the security information is collected, analyzed and, if required, acted upon (White, 2016). A Security Operations Center (SOC) is an area that houses a group of highly trained IT specialists armed with an array of detection and prevention technologies to prevent, respond t...

