Next Generation Security Operations From SOC to C-SOC
Reserve Bank Information Technology Private Limited
Operational Excellence Webinar Series
ReBIT with BlockArmour & NetMonastery
Panelists
Narayan Neelakantan, Co-Founder & CEO, Block Armour
Co-founder of Block Armour, a blockchain-based cyber security product startup.
Prior to founding Block Armour, he worked with National Stock Exchange (NSE) as Head - IT Risk & Compliance & CISO.
Shomiron Das Gupta, Founder, Netmonastery
Founded Netmonastery in 2002, which delivers quality attack detection products and services to its customers. He has experience building detection strategies for the most advanced security operations centers in the world.
Abhijit Dhongade, Co-Founder & CTO, Block Armour
Prior to founding Block Armour, he worked with National Stock Exchange (NSE) as Head – Security Operations Center. He has more than a decade of professional experience and is considered an expert in the areas of Security Incident and Event Management (SIEM) systems, Security Operations Center (SOC) and Incident Response (IR).
Vivek Srivastav, Senior Vice President, Research and Innovation, ReBIT
Moderates the forum.
Agenda
● Brief overview/background of the Operational Excellence Program
● CSOC in RBI’s Cybersecurity Framework
● Next Generation Security Operations - Threats, Functions and Tooling
● Advanced SOC Capabilities
● Q/A Session
Background
ReBIT’s Operational Excellence Program
Operational Excellence Webinar
Operational Excellence Webinars
Playbooks
FAQ
Recordings & Materials
Tools
http://webinar.rebit.org.in
Webinars
Operational Excellence - Campaigns
● Anti-Phishing Campaign (DMARC Implementation)
● Patch Management (best practices)
● SOC Operation (best practices and capability development)
● DNS Governance (DNSSEC Implementation)
RBI’s Cybersecurity Framework
Cyber Security Framework
Cyber Security Policy
Cyber Security Strategy
Continuous Surveillance
Annex 2 - Cyber Security Operation Centre (C-SOC)
Risk/Gap Assessment
IT Architecture
Network and Database Security
Protection of consumer information
Cyber Crisis Management Plan
Cyber Security Preparedness Indicator Reporting
Cyber Incidents
Annex 3 - Cyber Security Incident Reporting (CSIR)
Organization Structure
Cyber Security Awareness
Annex 1 - Baseline Cyber Security and Resilience Requirements
Cyber Security Operations Center (C-SOC)
SOC tools
Network
User
Application
Rules & Analytics
HoneyPots
Dashboard & Oversight
Top Management/Board Briefing on Threat Intelligence
Incident Management
Threat Feed
Incident Reporting
Next Generation Security Operations - Threats, Functions and Tooling
SOC - Levels of Maturity
Log Monitoring & Analysis
SIEM
Advanced use of analytics
Threat Intelligence
Respond Recover
Incident Response
Incident Management
Security Monitoring
Q/A
Please raise your hand and we will unmute you for your questions.
Alternatively, please share your questions in the chat window.
Next: Webinar on Honeypots and Deception Technologies