setting up an security operations center soc a step by
play

Setting up an Security Operations Center (SOC) A step by step - PowerPoint PPT Presentation

Sep 14, 2023 •552 likes •906 views

Ministry of Science, People First, Performance Now Technology and Innovation Setting up an Security Operations Center (SOC) A step by step approach Abdul Rahman Mohamed Abdul Rahman Mohamed VP, IT Strategy, Risk & Delivery Group IT,

  1. Ministry of Science, People First, Performance Now Technology and Innovation Setting up an Security Operations Center (SOC) – A step by step approach Abdul Rahman Mohamed Abdul Rahman Mohamed VP, IT Strategy, Risk & Delivery Group IT, Malaysia Airlines 07 November 2012

  2. Ministry of Science, People First, Performance Now Technology and Innovation My apology…. I am standing between you and home sweet home. I’ll be On-Time.

  3. Ministry of Science, People First, Performance Now Technology and Innovation About the speaker… • • 19 years of experience 19 years of experience • Was CISSP and CISM • Oil and Gas, Banking and Consultancy • IT Strategy & Transformation, Governance, Risk & Security, IT Service Delivery, Project Management Management

  4. Ministry of Science, People First, Performance Now Technology and Innovation We are here to share our experience… • In setting up an internal SoC, as well as its journey and evolution • Its value to our business • The lesson learned • DISCLAIMER: It works for us.

  5. Ministry of Science, People First, Performance Now Technology and Innovation Allow me to introduce the Air Travel Industry….

  6. Ministry of Science, People First, Performance Now Technology and Innovation The Airline industry is glamorous, and a quick way to lose money….. “How do you become a millionaire ? First become a Billionaire First, become a Billionaire, then you run an Airline” – Sir Richard Branson

  7. Group IT is the enabler and IT partner of THE PREFFERED PREMIUM CARRIER … Ministry of Science, People First, Performance Now Technology and Innovation 2 + 6 2 + 6 Data Centers Data Centers (incl MHNet, SITA, Enrich) (incl MHNet, SITA, Enrich) Bergen Bergen Stockholm Stockholm Oslo Helsinki Stavenger Sandefjord Aberdeen 56 56 Gothenburg Glasgow Edinburgh Copenhagen Belfast Teesside Leeds Dublin Amsterdam applications applications Manchester London Frankfurt Vienna Brussels Munich Milan Geneva Tashkent Barcelona Rome Beijing Beijing Seoul Seoul Madrid Madrid Inch’on Inch’on Kansai Tokyo 16K 16K Athens Nagoya 14-15 mil 14-15 mil Fukuoka IT Devices IT Devices Shanghai Bahrain Guangzhou Pax /annum Pax /annum Hong Kong Doha Hanoi (2010/11) (2010/11) Muscat Yangon M Manila il Bangkok Siem Reap 45 45 Phnom Penh Phuket Cebu Ho Chi Minh Over 90 Over 90 Langkawi KUALA LUMPUR Colombo Penang FTEs FTEs Medan Kota Kinabalu Stations Stations Singapore Kuching (MW,FY,MH) (MW,FY,MH) Dar es Salaam Jakarta TANZANIA Surabaya Denpasar Over 12 Over 12 Maputo Darwin MOZAMBIQUE 20K 20K Harare, ZIMBABWE Cairns Key IT Partners Key IT Partners Broome Townsville Victoria Falls, ZIMBABWE Mauritius Hamilton Island Mackay (out of 84) (out of 84) Staff Staff Gaborone, BOTSWANA Windhoek, NAMIBIA Rockhampton Fraser Coast Johannesburg Sunshine Coast Brisbane Durban Gold Coast G ld C Maseru, LESOTHO Ballina Byron Perth Coffs Coast Adelaide Newcastle Port Elizabeth East London Sydney Melbourne Canberra Launceston Hobart Figures per December 2011

  8. Ministry of Science, People First, Performance Now Technology and Innovation Lets get to the actual presentation

  9. Ministry of Science, People First, Performance Now Technology and Innovation The steps that we took in establishing the SoC…. • Find the right resources • Find the business value of your SoC •Get the Sponsors and know your stakeholders • Begin with the end in mind • Begin with the end in mind • Start small • Leverage Leverage • Can pause but keep evolving • “Marketecture”

  10. Ministry of Science, People First, Performance Now Technology and Innovation In any endeavors, we have to have the right 1 resource for the job that meet the following criteria: “Committed to Integrity; Committed to Performance and Committed to Change.” Jeff Immelt CEO GE CEO, GE

  11. Ministry of Science, People First, Performance Now Technology and Innovation “There is no such thing as an IT project there is only business project” project, there is only business project Paul Coby Paul Coby Ex CIO British Airways

  12. Ministry of Science, People First, Performance Now Technology and Innovation “Else… You syok sendiri” di i” Abdul Rahman Mohamed Future CIO

  13. Ministry of Science, People First, Performance Now Technology and Innovation 2 We established the SoC for the airline business…. • Alignment with corporate strategies and Business Transformation Plan (BTP2): • No compromise on safety and security • No compromise on safety and security • Serve Customer, Make Money, Save Money • Compliance with regulatory requirements (local and international) e.g. Anti Trust/Competition Law, Data Privacy, PCI, National Cyber Security Policy (NCSP) y, , y y y ( ) • Increase in IT Outsourcing activity and the need for near realtime transparency

  14. Ministry of Science, People First, Performance Now Technology and Innovation The projects was actually owned by Corporate The projects was actually owned by Corporate 3 Security but funded by IT…. Board Safety and Security Committee Board Safety and Security Committee Management Committee Group IT Corp. CSSHE CSSHE* Services IT Strategy Corporate Security IT Risk Advisory & Governance Service Delivery Services Info/IT Security Risk Mgmt Operations Information Risk & Security Business Assurance Audit & Business SITO*** Security SACC** Advisory Assurance IT Security Corp. Risk & Corp. Security Corp. Security Operations Operations G Governance * Corporate Safety, Security, Health & Environment ** Security Assurance Control Center *** Strategic IT Outsourcing

  15. Ministry of Science, People First, Performance Now Technology and Innovation There are external stakeholders as well…. Board Safety and Security Committee Board Safety and Security Committee Management Committee Group IT Corp. CSSHE* CSSHE Services IT Strategy Corporate Security IT Risk Advisory & Governance Service Delivery Services Info/IT Security Risk Mgmt Operations Information Risk & Security Business Assurance Audit & Business SITO*** Security SACC** Advisory Assurance IT Security Corp. Risk & Corp. Security Corp. Security Operations Operations Governance G * Corporate Safety, Security, Health & Environment ** Security Assurance Control Center *** Strategic IT Outsourcing

  16. Ministry of Science, People First, Performance Now Technology and Innovation O Once we established the business justification, we bli h d h b i j ifi i 4 would envision the end in mind….

  17. Ministry of Science, People First, Performance Now Technology and Innovation This is half of your journey….

  18. Ministry of Science, People First, Performance Now Technology and Innovation We started our journey with a 5 year vision…. PHASE 1 PHASE 1 PHASE 3 PHASE 3 PHASE 4 PHASE 4 PHASE 2 PHASE 2 Assurance and visibility to Optimized for Stakeholder’s Integration to Integration to Business Business Confidence in IT Controls Corporate GRC • Corp Info Security Policy • Policy Alignment • Comprehensive view • Integrate with icy • Information Security Information Security • Link with Corp Security Link with Corp Security • Link dashboard to external/ Link dashboard to external/ corporate corporate Poli Dashboard dashboard service provider GRC framework • Content Security Services • Info Leakage Prevention • IT Compliance Mgmt ess / Tech • Svc Provider assessment • Digital Rights Mgmt • Sec Incident & Event Proce Te • IT Risk Management • IT Risk Management • Identity & Access Mgmt • Identity & Access Mgmt Mgmt Mgmt • IT Assets Mgmt • Info Retention & e- • Threat Vulnerability Mgmt Discovery • Assurance testing People • Awareness: Classroom • Handbook, Video • E-Awareness, Portal • Certification P enefits sults / • Assurance of control • Integration with • Integration of security • Transparency effectiveness corporate security processes and technology • Visibility Be Res • Information Security business objectives • Obtain stakeholder’s visible at Corp. Security confidence

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Taking security a step further Red Team operations ME 2 Geek 20 year of experience doing

Taking security a step further Red Team operations ME 2 Geek 20 year of experience doing

Taking security a step further Red Team operations ME 2 Geek 20 year of experience doing hacking Authored tools / articles / books / etc Speaker at conferences around the world Volunteer at OWASP Still getting the same thrill when

827 views • 59 slides
What is PTR? Step 1 : Goal Setting & Progress Monitoring Step 2 : Functional Assessment

What is PTR? Step 1 : Goal Setting & Progress Monitoring Step 2 : Functional Assessment

P revent T each R einforce Glen Dunlap, Rose Iovannone, Donald Kincaid, Kelly Wilson, Kathy Christiansen, Phillip Strain, & Carie English What is PTR? Step 1 : Goal Setting & Progress Monitoring Step 2 : Functional Assessment (Prevent,

712 views • 33 slides
Setting up a Fund in in Malta A Step by Step Guide Attractions of f th the Regimes T ECH

Setting up a Fund in in Malta A Step by Step Guide Attractions of f th the Regimes T ECH

Setting up a Fund in in Malta A Step by Step Guide Attractions of f th the Regimes T ECH CHNICAL E XCE LLENCE . . P RACTICAL S OLU CELL OLUTIONS A Steep Increase in the Total Number of Funds Domiciled in Malta PIF Licences were up by 6.5%

1.53k views • 24 slides
Setting Financial Goals FDIC Money Smart for Young Adults Building: Knowledge, Security,

Setting Financial Goals FDIC Money Smart for Young Adults Building: Knowledge, Security,

Setting Financial Goals FDIC Money Smart for Young Adults Building: Knowledge, Security, Confidence Why Create a Spending Plan? What is a Spending Plan? A spending plan is: A step-by-step guide for meeting expenses in a given period of

832 views • 68 slides
Aim Aim I can solve one-step and two-step missing number equations using inverse operations.

Aim Aim I can solve one-step and two-step missing number equations using inverse operations.

Aim Aim I can solve one-step and two-step missing number equations using inverse operations. Success Criteria Success Criteria Statement 1 Lorem ipsum dolor sit amet, consectetur adipiscing elit. I can write multiplication correctly

643 views • 19 slides
Start.COOP A STEP-BY-STEP TOOL TO START-UP A COOPERATIVE Room setting and Seating Arrangement

Start.COOP A STEP-BY-STEP TOOL TO START-UP A COOPERATIVE Room setting and Seating Arrangement

Start.COOP A STEP-BY-STEP TOOL TO START-UP A COOPERATIVE Room setting and Seating Arrangement Room Set-up and Seating Arrangement Cone of learning Facilitation techniques About the Module and Session Guide The Modules Decision Tree and the

862 views • 27 slides
Using Honeypots for Security Operations Jim Barlow <jbarlow@ncsa.uiuc.edu> Head of

Using Honeypots for Security Operations Jim Barlow <jbarlow@ncsa.uiuc.edu> Head of

Using Honeypots for Security Operations Jim Barlow <jbarlow@ncsa.uiuc.edu> Head of Security Operations and Incident Response National Center for Supercomputing Applications (NCSA) University of Illinois at Urbana-Champaign National

229 views • 20 slides
FY 2020 Tuition, Fee & Budget Setting Schedule October 22, 2018 FY 2020 Tuition, Fee and

FY 2020 Tuition, Fee & Budget Setting Schedule October 22, 2018 FY 2020 Tuition, Fee and

FY 2020 Tuition, Fee & Budget Setting Schedule October 22, 2018 FY 2020 Tuition, Fee and Budget Setting Schedule STEP STEP STEP STEP STEP STEP 4 5 2 3 1 6 1 SEPTEMBER 28, 2018 OCTOBER 22, 2018 NOVEMBER 16,2018 DECEMBER 2018-

298 views • 12 slides
Smartpods PULSE The Software is easy to use and provides relevant data to improve health and

Smartpods PULSE The Software is easy to use and provides relevant data to improve health and

Smartpods PULSE The Software is easy to use and provides relevant data to improve health and facility management. 3 Easy Steps For New Users Step 1 Type of Movement Step 1 Viewing Video Step 1 Login Process Step 2 Height Setting Step

381 views • 8 slides
Quick guide Step 1: Purchasing a RSFirewall! membership Step 2: Download RSFirewall! Step 3:

Quick guide Step 1: Purchasing a RSFirewall! membership Step 2: Download RSFirewall! Step 3:

Quick guide Step 1: Purchasing a RSFirewall! membership Step 2: Download RSFirewall! Step 3: Installing RSFirewall! Step 4: Scan the Joomla! installation 4.1 Run the System Check 4.2 Fix the security vulnerabilities 4.2.1 Joomla! And

279 views • 17 slides
Orchestrating Security Tooling With AWS Step Functions 1 Background Jules Denardou Justin

Orchestrating Security Tooling With AWS Step Functions 1 Background Jules Denardou Justin

Orchestrating Security Tooling With AWS Step Functions 1 Background Jules Denardou Justin Massey @Pod_Sec @jmassey09 @JulesDT @th3r3p0 Security Engineers at Datadog Product Security team Improve security of product without

1.2k views • 84 slides
Office of Water Project Review And the Deep Draft Navigation Planning Center of Expertise US

Office of Water Project Review And the Deep Draft Navigation Planning Center of Expertise US

Office of Water Project Review And the Deep Draft Navigation Planning Center of Expertise US Army Corps of Engineers 1 Civil Works Project Delivery Process Step 1 Step 2 Step 3 Step 4 Step 5 Initial Problem Congressional Study Initial

152 views • 11 slides
min { a i , a j } max { a i , a j } P j P j P i P i P i P j Step 1 Step 2 Step 3 Figure 9.1 A

min { a i , a j } max { a i , a j } P j P j P i P i P i P j Step 1 Step 2 Step 3 Figure 9.1 A

a i a j a i , a j a j , a i min { a i , a j } max { a i , a j } P j P j P i P i P i P j Step 1 Step 2 Step 3 Figure 9.1 A parallel compare-exchange operation. Processes P i and P j send their elements to each other. Process P i keeps min { a i ,

372 views • 22 slides
Postfix chenshh Computer Center, CS, NCTU Outline A very long topic Step-by-step

Postfix chenshh Computer Center, CS, NCTU Outline A very long topic Step-by-step

Postfix chenshh Computer Center, CS, NCTU Outline A very long topic Step-by-step examples after brief introduction Outline Brief introduction to Postfix Step by step examples Build a basic MTA that can send mails to

1.63k views • 119 slides
Step 1 Step 2 Step 3 Step 4 Step 5 Preparation of a sketch Submission of birth map of all

Step 1 Step 2 Step 3 Step 4 Step 5 Preparation of a sketch Submission of birth map of all

Step 1 Step 2 Step 3 Step 4 Step 5 Preparation of a sketch Submission of birth map of all customary information forms to Preparation and adoption of Convening and submission Submission of Application Ste land owned by ILG obtain

1.23k views • 4 slides
Center for Medicaid and State Operations/Survey and Certification Group Ref: S&C-10-07-CLIA

Center for Medicaid and State Operations/Survey and Certification Group Ref: S&C-10-07-CLIA

DEPARTMENT OF HEALTH & HUMAN SERVICES Centers for Medicare & Medicaid Services 7500 Security Boulevard, Mail Stop S2 12 25 Baltimore, Maryland 21244 1850 Center for Medicaid and State Operations/Survey and Certification Group

652 views • 6 slides
This presentation provides an overview of the Victorian Auditor-Generals report Security of

This presentation provides an overview of the Victorian Auditor-Generals report Security of

This presentation provides an overview of the Victorian Auditor-Generals report Security of Critical Infrastructure Control Systems for Trains. 1 Passenger train services are an essential service for the Victorian public, much like

240 views • 12 slides
Security in the .CO ccTLD Gonzalo Romero CSO - .CO Internet ICANN Meeting # 48 Buenos Aires,

Security in the .CO ccTLD Gonzalo Romero CSO - .CO Internet ICANN Meeting # 48 Buenos Aires,

Security in the .CO ccTLD Gonzalo Romero CSO - .CO Internet ICANN Meeting # 48 Buenos Aires, ARGENTINA, November 17-21, 2.013 Agenda Motivation Security Policies Knowledge Transfer and Cooperation Action Malicious Activities

627 views • 8 slides
Challenges in the new normal Rising above these Challenges Rajeev Lollbeharree Head Security

Challenges in the new normal Rising above these Challenges Rajeev Lollbeharree Head Security

ACI Webinar on Security and Facilitation Airport Security and Facilitation Challenges in the new normal Rising above these Challenges Rajeev Lollbeharree Head Security Services , Airports of Mauritius Ltd 12 Au August 2020 SS SSR In

768 views • 17 slides
Standard 3. Accreditation and Assessment Standard 8. Compliance Standard 9. Virginia Index of

Standard 3. Accreditation and Assessment Standard 8. Compliance Standard 9. Virginia Index of

The Standards of Quality (SOQ) Standard 3. Accreditation and Assessment Standard 8. Compliance Standard 9. Virginia Index of Performance Recognition Program Dr. Cynthia A. Cave Assistant Superintendent for Policy and Communications

626 views • 31 slides
Presenter: Suman Thapaliya, PhD Scholar Department of Information Technology Supervisor 1: Prof,

Presenter: Suman Thapaliya, PhD Scholar Department of Information Technology Supervisor 1: Prof,

Presenter: Suman Thapaliya, PhD Scholar Department of Information Technology Supervisor 1: Prof, Dr. Sateesh Kumar Ohja Supervisor 2: Prof, Dr. Subarna Shakya NPCERT to Host First Cyber Security Meetup in 4/6/2019 Nepal NPCERT to Host First

1.62k views • 36 slides
Cybersecurity and the AICPA Cybersecurity Attestation Project Chris Halterman Executive

Cybersecurity and the AICPA Cybersecurity Attestation Project Chris Halterman Executive

Cybersecurity and the AICPA Cybersecurity Attestation Project Chris Halterman Executive Director EY Chair AICPA Trust Information Integrity Task Force Agenda Item 8-D IAASB Meeting, September 21-25, 2015 New York, USA Page 1 Increasing

444 views • 17 slides
Winning with Partners Winning with Partners Christoph Stoica Vice President, Channel &

Winning with Partners Winning with Partners Christoph Stoica Vice President, Channel &

Winning with Partners Winning with Partners Christoph Stoica Vice President, Channel & Inside Sales International Our Sponsors Diamond Platinum Gold Silver Exhibitor 432 Partners Countries 60+ Represented 129 Sessions 60 Demos

766 views • 25 slides
YOUR SECURITY IS OUR BUSINESS WHO WE ARE American security experts with strong experience working

YOUR SECURITY IS OUR BUSINESS WHO WE ARE American security experts with strong experience working

YOUR SECURITY IS OUR BUSINESS WHO WE ARE American security experts with strong experience working in the Middle East ARBENGER/CITC: A joint venture implementing security solutions throughout Arabia CITC: A veteran owned, experienced military

253 views • 13 slides

More recommend