Security Operations Support and Management

You can only protect your organisation if you can quickly and efficiently identify threats and do something about them. Your organisation's systems produce masses of data that hold a lot of information about what is happening within your organisation, including anything that could cause the business financial, reputational and personal damage. Identifying these activities is possible with the right policies and processes, supported by good tools. TRaC Defence can help you achieve your goals and ensure you can detect issues as they arise.

Security Operations Centre (SOC) Design

When implementing a Security Operations Centre, what should it include? We all agree there should be some form of protective monitoring, which can be either manual or automated using widely available tools such as a Security Incident Event Manager (SIEM). But there is more to it than this.

  • What is the role of the SOC and how does it fit into your security process and policies?
  • What functions will the SOC be responsible for?  Protective monitoring, response, technical control management?
  • Will your SOC be the epicentre of all things cyber-related?

Our team can help you answer all of these questions and put all the elements in place to develop the security operations capability that best fits your business's needs and risk profile. 

Security Incident and Event Management (SIEM) and Protective Monitoring

What is the best SIEM solution for you: onsite, leveraged or cloud-based? Our specialists can help you select the correct approach for your business.

Our specialists would:

  • Review your organisation's risks, policies and the data that needs protecting
  • Advise on the best and most cost-effective options
  • Help manage the suppliers and procure the solution
  • Manage the full implementation, knowledge and skill base of your organisation
  • Manage all acceptance test requirements
  • Hand over the capability to the business or continue to manage the solution on your behalf.

Security Operations Incident Response Planning and Implementation

Being able to respond quickly and efficiently is essential. This means planning the first response and ensuring that everybody in a key role for reducing impact is fully trained and aware of their responsibilities in the case of a breach. Our specialists can help you develop your approach, from initial incident triage through to full incident and large-scale breach management.

  • Develop the policies and processes for emergency response
  • Align them with your business continuity and disaster recovery planning
  • Develop a full training and awareness programme
  • Implement the training and awareness programme
  • Develop the testing protocols for the incident response cycle
  • Carry out an initial practice run and analyse the results
  • Focus across all areas of response: technical, people, policy and process
  • Focus on authority notification
  • Engage suppliers for support by identifying the best approach for your business based on internal skills and the skills gap
  • Develop a response culture of continuous improvement.