If among all the SOCs we share information on tactics, techniques, and procedures of new threats, we will improve the capabilities of protecting to potential cyber incidents.
Security Operations Centers
These SOCs provide the entity with the services of prevention (expanding knowledge regarding their vulnerabilities, both technical and human, to reduce the exposure surface), protection (applying blocking measures, at different points of the infrastructure, to prevent or limit cyberattacks), detection (observing everything that happens in the entity to look for existing threats and use cases) and response (acting in the event of cyber incidents to minimise the impact on the entity). As well as the cybersecurity management service, establishing the direction of the rest of the services, to carry out correct governance.
Cybersecurity Operations Centers
In this dynamic, the need arose to create a tool to interconnect the SOCs so that any suspicious attempted cyberattack could be stopped in its tracks immediately, even before determining whether it was an actual attack or not: the National Network of SOCs.
Prevention
Protection
Response
Detection
Managed Security Services (MSS) Certification
To ensure that the aforementioned services provided are of high quality, a SOC must be able to demonstrate its operational capabilities, as well as its technical competencies in relation to the MSS it provides.
Furthermore, the means used to provide said MSS must meet the necessary security requirements that guarantee that they are protected and reliable to perform their work safely for the entity itself and for those under its umbrella.
