7. Conclusion: the operational safety center, as a project and a process

This article describes, with examples, the objectives, components and roles of the SOC. Setting up an operational security center is both a project, which presupposes prerequisites and a formalized study of security needs (particularly the associated risks), and a process, i.e. a recurring activity that relies on an existing system and involves maintaining it in operational condition, and a decision-making capacity to support the alert process that this system will generate.

We take the view that the SOC is not just a technical device, but above all a set of services designed to detect, prevent and react to cyber threats. The risk-based approach is the common thread running through the justification and relevance of the SOC system. We use the term "system" because it is a system that contributes to risk management. In fact, it is one of the key elements in our ability...

You do not have access to this resource.

Exclusive to subscribers. 97% yet to be discovered!

You do not have access to this resource.
Click here to request your free trial access!

Already subscribed? Log in!

The Ultimate Scientific and Technical Reference

A Comprehensive Knowledge Base, with over 1,200 authors and 100 scientific advisors

+ More than 10,000 articles and 1,000 how-to sheets, over 800 new or updated articles every year

From design to prototyping, right through to industrialization, the reference for securing the development of your industrial projects

This article is included in

Security of information systems

This offer includes:

Knowledge Base

Updated and enriched with articles validated by our scientific committees

Services

A set of exclusive tools to complement the resources

Practical Path

Operational and didactic, to guarantee the acquisition of transversal skills

Doc & Quiz

Interactive articles with quizzes, for constructive reading

Subscribe now!

Ongoing reading
Conclusion: the operational safety center, as a project and a process

Previous
page Putting SOC actions into practice

Glossary

Bibliography

(1) - https://www.ssi.gouv.fr/uploads/2018/10/guide-methode-ebios-risk-manager.pdf -
(2) -

Standards

Information security management systems – Requirements - ISO/IEC 27001 - 2022
Information security, cybersecurity and privacy protection — Information security measures. - ISO/IEC 27002 - 2022

Regulations

Decree no. 2015-350 of March 27, 2015 on the qualification of security products and trust service providers for information system security purposes.

Decree no. 2015-351 of March 27, 2015 relating to the security of information systems of operators of vital importance and taken for the application of section 2 of chapter II of title III of book III of the first part of the legislative part of the Defense...