List of Security Operation Centers in Hong Kong
Security Operations Center (SOC) is a dedicated, centralized information security establishment that facilitates security operations team to centrally monitor, analyze, and maintain the physical and cyber security of data. Their scope of work include data network, user end points, servers, applications, databases, security access systems, and others.
What is SOC
SOC is a strictly operational team with sole focus on IT security operations. They follow and utilize existing framework of IT security project planning, security strategy development, design and implementation of security architecture, and security software provisions provided to them. SOC team is mostly comprised of trained security analysts who collaborate on analyzing logs, triggers, warnings, and detect any anomalous events. Any abnormal events are analyzed and mitigated in real-time. They are reported to the stakeholders based on level of severity of breach.
SOC must know the scope of what they are safeguarding and level of safeguard, as well as what systems, hardware and software they can use within that scope. This helps determine the components needed by them. The project planning components SOC include determining security strategy in line with business objectives, infrastructure design, implementation layouts, cost-benefit analysis, and others. The software and hardware components of SOC include software and hardware firewalls, Host Intrusion Prevention System (HIPS), Network Intrusion Prevention/Detection System (IPS/IDS), Antivirus solution, spam filtering, content filtering, application and database scanners, probes, log servers, Security Information and Event Management (SIEM) system, and others. The system components of SOC include penetration testing, host and network vulnerability assessment system, behavioral analytics system, correlation systems, anomaly detection systems, threat intelligence platforms, endpoint detection and remediation system, and others.
Functions of SOC
SOC is a central security command that protects any security compromises within an organization. They are dedicated 24x7 resource that continuously monitor, identify, and mitigate any threat to proprietary and confidential company data. Their main functions are:
- Determination of the scope and components needed for the project.
- Contributing to security roadmap for the projects to keep upgrading and integrating the latest technology and ensuring stakeholder awareness on latest threats.
- Working towards mitigating latest threats by ensuring and scheduling maintenance windows to update software and hardware systems.
- Continuous monitoring of events and alerts, managing logs, determination of false alerts, proactive mitigation of issues determined based on level of urgency.
- Determining the needed response to any security breach risk and executing it including isolation or quarantine of affected component considering the asset value. Performing recovery of affected components and sealing security loopholes.
- Investigating the root cause of the security breach, prepare reports, and send them to the stakeholders.
- Ensuring compliance with existing industry standards, protocols, and regulations like SOX, HIPAA, GDPR, GLBA, GBG13, and others for legal purposes.
SOC Organizational Structure
Organizational structure of SOC includes primarily analysts, account managers, and chief information security officer (CISO). Analysts collaboratively work together under the leadership of account managers who are also a bridge between third party stakeholders and analysts. CISO concerns themselves with regulatory compliances, risk assessment. They extend across various business verticals within that scope.
List of Security Operations Center in Hong Kong
Below is the list of Security Operations Center in Hong Kong
|ACME Telecom Security Operations Center
|China Entercom SOC
|IBM X Force SOC
- Updated: 10/1/2019, Jeff Petters (2019-10-02). "What is a Security Operations Center (SOC)? | Varonis". Inside Out Security. Retrieved 2020-02-10.
- "What is a Security Operations Center (SOC)?". mcafee.com/. Retrieved 2020-02-10.