Cyber Defense Handbook

[27], TF-CSIRT [28], EGC Group [29]) that coordinate all associated CERT/CSIRTs and facilitate information exchange on vulnerabilities, threats and mitigation measures.
344. A Cyber Operations Center (CyOC) is a coordination center for military operations in cyberspace, including defensive, exploitative and offensive operations, both inside and outside its own networks, conducted in accordance with the legal principles governing the use of force.
345. The cyber force, as the main entity responsible for national cyber defense, must have a cyber operations center (CyOC) that coordinates the action of all SOCs established within its scope.
346. It is very important to clearly define and detail the responsibilities and tasks of the CyOC and its subordinate SOCs and NOCs, so as to create trusted collaboration environments in which tasks with shared, overlapping, uncertain or contested responsibility can be managed.
347. Each type of center (CyOC, SOC, NOC) is made up of personnel with different professional qualifications, operating with different tools and having a different purpose and scope. A SOC basically requires a traditional security information and event management (SIEM) platform; a CyOC requires security orchestration, automation and response (SOAR) services, cyber threat hunting, advanced deception platforms and command and control systems; a NOC requires tools to control and monitor network operation.
348. Security event management can be grouped into three echelons: the first echelon comprises prevention activities against failures and cyber attacks; the second echelon comprises standard, ongoing cyber attack mitigation activities (real-time monitoring, event correlation, indicators of compromise, cyber situational awareness, dynamic risk management, early warning and help desk); the third echelon comprises ex-post analysis and advanced threat mitigation activities (forensic analysis, rapid reaction teams, malware analysis and APT early warning).