Cyber defense
Download 2.54 Mb. View original pdf
|
- Navigate this page:
- CIBERDEFENSA
| 27 , TF-CSIRT 28, EGC Group 29 ) that coordinate all associated CERT/CSIRTs and facilitate information exchange on vulnerabilities, threats and mitigation measures. 344. A Cyber Operations Center (CyOC) is a coordination center for military operations in cyberspace, including defensive, exploitative and offensive operations, inside and outside its own network, according to the legal principles of use of force. 345. The cyber force, as the main entity responsible for national cyber defense, must have a cyber operations center (CyOC) that coordinates the action of all SOCs established within its scope. 346. It is very important to clearly define and detail the responsibilities and tasks of the CyOC and subordinated SOCs and NOCs to create trusted collaboration environments to manage tasks with shared, overlapped, uncertain or controversial responsibility. 347. Each type of center (CyOC, SOC, NOC) is made up of personnel with different professional qualifications, operating with different tools and having a different purpose and scope. A SOC basically requires traditional security information and event management (SIEM); GUÍA DE CIBERDEFENSA ORIENTACIONES PARA EL DISEÑO, PLANEAMIENTO, IMPLANTACIÓN Y DESARROLLO DE UNA CIBERDEFENSA MILITAR 56 a CyOC requires security orchestration services (SOAR, cyber threat hunting, advanced deception platforms and command and control systems while a NOC requires tools to control and monitor network operation. 348. Security event management can be grouped into three echelons the first echelon comprising prevention activities against failures and cyber attacks the second echelon comprising standard ongoing cyber attack mitigation activities (real-time monitoring, event correlation, indicators of compromise, cyber situational awareness, dynamic risk management, early warning and help desk the third echelon comprises ex-post analysis and advanced threat mitigation activities (forensic analysis, rapid reaction teams, malware analysis and APT early warning). Download 2.54 Mb. Share with your friends:
|