Security Operation Centres

The project aims to increase the cyber resilience of the EU by creating, strengthening, and interconnecting SOCs in three European countries.

Signal Iduna Security Operation Centre

SI currently runs a SOC leveraging their SIEM to detect infrastructure security events. A project was conducted with a professional service provider to identify gaps in tools, people and processes, resulting in a gap analysis and a SOC operating model. SI has a Chief Information Security Office (CISO) that is responsible for IT and data security. The CISO develops, organises and monitors all measures that are required to protect the organisation’s information and technologies: cyber security, security architecture, governance functions (compliance, data protection), training and education, identity and access management. Corresponding departments within SI implement these measures. Therefore, the IT Infrastructure tribe will implement the SOCCER project. Most tasks will be implemented by the Operational Security Squad in an agile working methodology, according to Scrum.

Orange Romania Security Operation Centre

Orange Romania is a market leader in Managed Cybersecurity Services, supporting an End-to-End Services Catalogue. The Service Offering includes Managed Monitoring, Detection and Response to cyber threats, and relies on advanced, state-of-the-art technologies such as Next-Generation Firewalls (NGF), Security Information and Event Management (SIEM) deployments, Security Orchestration, Automation, and Response platforms and Endpoint Protection Solutions (Enhanced Detection and Response – EDR, Extended Detection and Response – XDR).

A key part of the Services provided through ORO’s Cyber Security Provider Catalogue is managed and operated in a Security Operations Centre (SOC), hosted in Bucharest, Romania, and staffed through a multi-level operational design, with Level 1 to Level 3 Analysts and Experts, co-ordinated by a Cybersecurity Operations Manager. The SOC Team are part of ORO’s Network and IT Operations and are currently providing a catalogue of services to internal and external (Business to Business, B2B) customers.

HUN-REN SZTAKI Security Operation Centre

The federated SOC for Hungarian Research Institutes and Research Centres (RI/RCs) is still in its early incubation stage. A general security policy framework has already been established and accepted by all RI/RCs, with a deadline of 12 months to implement corresponding local policies and capabilities. The SOC operations are currently restricted to periodic security scans of volunteering RI/RCs. The core SOC team at SZTAKI is already well defined in the form of a sectoral CSIRT (HunCERT) with 20 years of expertise in incident coordination.