Implementation of a SOC

Cybersecurity Operations Centres are nowadays a fundamental cybersecurity tool for organizations. They provide a set of means to detect and react quickly to a cyber incident and provide organizations with sufficient capabilities to detect new threats.

For this reason, in parallel to the development and implementation of the National SOC Network, the National Cryptologic Centre collaborates with different public bodies in the deployment of the necessary capacities for the constitution of these Centres. Within the framework of this collaboration, the CCN-CERT carries out a preliminary study of the organization interested in implementing a SOC to find out about the ICT infrastructure of the organization and its previous needs.

Areas to evaluate before implementing a SOC

The systems to be protected and the security status.

Sources to monitor.

The initial metrics of the attack surface area, the internal state of security and the measurement of the Centre's performance.

Likewise, for the deployment and implementation of SOCs in the public sector, the National Cryptologic Centre makes its common and shared tools available to organizations to facilitate the subsequent integration of each SOC into the National SOC Network.