It was held on July 15, the third round of webinars Security Ideas – Cyber Security: SOC has become necessary to face new threats? organized by BV TECH and Secure Network and thanks to the support of IWCAST.

Alvise Biffi, Chief Executive Officer of Secure Network, introduced the webinar presenting the topic related to the evolution of SOC.

Afterwards, Riccardo Cospite, Senior Security Engineer at Secure Network presented the critical scenario of threats and incidents that companies have had to face in the last period.

“The cyber attack trend has evolved in recent years. In fact, they increasingly aim to obtain money and/or personal information from target systems. Among the main cyber threats we find, malware, attacks on websites and phishing emails. Interruption of service, payment of ransoms, legal costs and financial penalties are some of the main economic impacts that therefore weigh on the corporate budget”.

Defined the criticalities of the scenario, for the companies it becomes important to understand how to intervene in the event that an attack occurs and go to highlight the particular criticalities of its infrastructure.

“Among the activities, there are those of Attack Response Testing or analysis aimed at verifying the effectiveness of an SOC in terms of reaction time and identification of threats through security systems implemented on a given corporate perimeter”.

In addition, the rapporteur explains, “the whole range of activities that can be carried out to assist the work of an SOC have as their main objective prevention by identifying critical assets and high risk issues. In this way, companies have the opportunity to make targeted investments to protect assets that could pose real threats to business and data”.

But how is the Security Operation Center service evolving?

Lorenzo Repetto made it clear, Senior Cyber Security Consultant of BV TECH Group: “A SOC is a set of professionals, analysts, procedures, platforms, software that jointly work to identify threats as soon as possible pursuing the purpose of protecting data and infrastructure. The offer provided in the SOC of BV TECH is granular and integrable, even on top, on the reality of the customer. Each service can be run in H24x7 or H8x5 mode. The provision of services is supported by enabling platforms, internally developed by BV TECH such as: PrivateMail, Atena SOAR, SIEM”.

The wide range of services offered by BV TECH, including – as Repetto explains – Remote Monitoring & Alerting, Incident Handling, Advisory & Reporting, Early Warning.

“BV TECH therefore supports the customer also in the design and start-up of HYBRID SOLUTIONS, offering its experience and training activities necessary to better implement security services, in a short time”.

What are the advantages of adopting a SOC like that of BV TECH and why is it necessary?

– Improving the detection of safety incidents through continuous monitoring and analysis of suspicious behaviour and timely mitigation and resolution.

– Prompt communication of new online threats with the adoption of the necessary safeguards.

– The centralization of security events and corporate assets provides immediate visibility into what is happening by highlighting abnormal behavior.

– It allows better communication and collaboration between the various business organizational units reducing security costs.

– Comply with specific regulations.

– Easier assessment of security risks and thus better decision-making.

– Protection of the company’s reputation.

Finally, Enrico Maria Cestari presented the case history of Casavo, a company that was born with the aim of revolutionizing the real estate market.

“In three years, our reality has grown and security has become a primary need. We turned to Secure Network that supports us with strategic actions in our journey in the world of cyber security. Thanks to the support of Secure Network, we have developed a strategy of actions to be done both from the point of view of people and technology. We have planned Social Engineering Training activities for all employees but also targeted activities for developers”.

In conclusion, the figure of the SOC has become necessary to cope with new threats. You must always monitor the company’s security systems and intervene in the event of computer incidents in order to safeguard the health of your company.