Information security management in SOCs and SICs

被引：1

作者：

Miloslavskaya, Natalia ^{[1
]}

机构：

[1] Natl Res Nucl Univ MEPhI, Moscow Engn Phys Inst, 31 Kashirskoye Shosse, Moscow, Russia

来源：

JOURNAL OF INTELLIGENT & FUZZY SYSTEMS | 2018年 / 35卷 / 03期

关键词：

Information security; information security incident; information security management; Security Operations Center; Security Intelligence Center;

D O I：

10.3233/JIFS-169615

中图分类号：

TP18 [人工智能理论];

学科分类号：

081104 ; 0812 ; 0835 ; 1405 ;

摘要：

At present new sophisticated attacks make organizations' IT infrastructure (ITI) break-in more professional and dangerously effective. All organizations must oppose this properly designed and centralized information security (IS) management systems. Learn from the past helps to avoid the consequences of serious IS incidents in the future. Therefore, IS management is necessary for rapidly detecting IS incidents, minimizing loss and destruction caused by then, mitigating the vulnerabilities exploited and restoring organizations' ITIs. This process can be implemented based on Security Operations Centers (SOCs) and Security Intelligence Centers (SICs) as their next evolution step. SOCs' main functions and serious limitations are defined. The SICs' concept and functioning are analyzed. The main areas of further research conclude the paper.

引用

页码：2637 / 2647

页数：11

共 25 条

[1] Alberts Chris, 2004, Technical Report CMU/SEI-2004-TR-015
[2] [Anonymous], 2013, Applied network security monitoring: Collection, detection, and analysis
[3] [Anonymous], 270012013COR22015 IS
[4] [Anonymous], 2015, BUILD OP MAINT YOUR
[5] [Anonymous], EXTRUSION DETECTION
[6] [Anonymous], 2703512016 ISOIEC
[7] [Anonymous], 1989, Journal of Applied Systems Analysis
[8] Bace R. G., 2000, Intrusion detection
[9] Bejtlich R., 2013, The practice of network security monitoring: Understanding incident detection and response
[10] Bejtlich R., 2005, TAO NETWORK SECURITY

← 1 2 3 →