Intelligence-Driven Modern SOC: A Future-ready Outfit
Transforming your Security Operations Centre from an “incident-driven” to an “intelligence-driven” modern enterprise
Tuesday, 7th July 2020
Thailand Standard Time 8.45 am - 10.00 am (GMT +7)
Singapore, Malaysia, Philippine Standard Time 9.45 am - 11.00 am (GMT +8)
It is a known fact that the healthcare industry frequently struggles with data breaches and other cybersecurity threats. That’s likely because cybercriminals know the real value of medical data. It’s also problematic that healthcare information often gets passed between multiple parties and organisations, some of which may have insufficient security practices.
It is then no surprise that COVID-19 is not the only virus that the healthcare institutions are fighting. Since the World Health Organisation’s (WHO) declaration of COVID-19 as a pandemic, cybercriminals have targeted hospitals, vaccine testing facilities, healthcare workers, and even the WHO itself.
It is reported that healthcare organisations are sitting on ‘unexploded’ ransomware attacks.
Attacks from malicious actors are not ceasing, which means healthcare cybersecurity must remain a priority in 2020 and beyond. But what, specifically, should healthcare institutions be doing to proactively protect themselves?
Leveraging actionable threat intelligence
The Intelligence-Driven SOC is modelled to incorporate all components, from the ability to predict threats & attacks by incorporating threat intelligence feeds encompassing technical, operational, tactical & strategic threat intelligence, to the formulation of a process for advanced targeted attacks with sandbox analysis.
It also encompasses automated response activity through endpoint detection & response, while incorporating the necessary cybersecurity services & training to address the skill gap in cybersecurity.
The question is – Does your SOC comprise an organised team of security analysts and engineers? Can they detect, analyse, and respond to incidents, always working in lockstep with business managers to execute on the security strategy? Awesome!
We hope it’s not a few analysts who spend their days reactively responding to security issues with a variety of point tools at their fingertips?
Establishing SOC as a centre of excellence
Cyber threat intelligence has to be a key differentiator in your organisation’s cybersecurity strategy.
The current issue is that every organisation which has a SOC would be receiving some kind of threat intelligence as a standard threat feed to the SIEM. But this does not in any way address all the threat intelligence requirements of the organisation, such as operational, tactical & strategic threat intelligence.
Since the current state of threat intelligence is not entirely understood, organisations tend to ignore the value of threat intelligence, especially of tailored threat intelligence specific to an organisation's IT environment.
Thus, it is of great importance that organisations start leveraging threat intelligence in a far more robust manner to be able to PREDICT the next level of attacks, including Dark Web Monitoring & reporting capabilities.
But has your Security Operations Centre identified the set of success metrics?
- Response – Is your SOC equipped to optimise and respond effectively with advanced tools and strategies?
- Regulation – How aligned is your SOC to industry best practices and regulatory guidelines to maintain a secure environment for your customers?
- Security – How secured and well prepared is your SOC against the sophisticated and ever-evolving cyber threats?
- Strategy – Is your SOC leveraging technology to monitor the entire information domain to help prevent, detect, respond to and predict attacks?
- Framework – Does your SOC team possess a formal vulnerability identification program, threat hunting, incident response and threat mitigation processes?
- Skill Enhancement – Is the SOC team trained adequately to respond to threats, discover breaches, and go on a hunt for malicious actors & artefacts within the organisation?
OpenGov is pleased to invite you to our exclusive OpenGovLive! Virtual Insight aimed at imparting knowledge on how the SOC team is always powered on and prepared to outsmart, withstand, and remediate against cyberthreats.
This session serves as a great peer-to-peer learning platform to gain insights and practical solutions to understand the success metrics of a Modern SOC and how to transform it from an incident-driven approach into an intelligence-driven SOC.
- Chief Information Security Officers
- Chief Information Officers
- Chief Technology Officers
- Head of Cybersecurity
- Director – Cyber Security Architecture
- Director – Security Operations Centre
- Vice President – IT Security
- Head of IT Operations Centre
We will be discussing:
- Best approaches in threat hunting to proactively search for threats that go undetected by traditional security systems like firewalls, IPS/IDS, SIEM, etc.
- Establishing an incident response framework implemented to limit damage and reduce remediation costs
- Learn the key aspects and building blocks of a modern and successful Security Operations Centre
- Leverage technology to make the security more robust and cyber defences more powerful
- Empower the modern SOC to efficiently and effectively detect and remediate threats
- Execute the vulnerability management life cycle in line with the local and regional guidelines
- Focus on timely detection of IT security incidents through correlating, analysing and threat hunting
- Identify critical security operations metrics and implement necessary improvements
Program Director (AI) @ PIE, Senior Manager @ TL, Singapore University of Technology and Design
Head Process and service innovation, OCBC Bank
Head IT, Sompo Insurance Singapore
Database Engineer, JLT Asia Pte Ltd
Assistant Director, Government Data office, Smart Nation and Digital Government Office
Deputy Director, Ngee Ann Polytechnic
Deputy Head Data Management, Immigration and Checkpoints Authority
Deputy Director, Nanyang Technological University
Program Director, Singapore University of Technology and Design
Head of Aviva Quantum Asia, Aviva
Vice President, Group Chief Information Security Officer
IHH Healthcare Berhad
Siang Tiong Yeo
General Manager – South East Asia
Group Managing Director and Editor-in-Chief
Contact person: Ellen Quek
Phone number: +65 6303 0683