Speaker
Description
HEAnet formally started a SOC & SIEM project in 2022 with a procurement exercise which included a 17 company framework, and a single supplier chosen to provide a sectoral SOC & SIEM to our clients. Since then we have created a Security Operations Team and worked with our provider to on-board multiple clients. HEAnet are taking a very hands-on approach to both onboarding and ongoing management of the project to make sure our clients not only receive the best possible service, but also to ensure the threat intelligence data, lessons from incidents and immediate response steps can be shared with the whole HEAnet community.
This talk (which can be a full presentation or a Lightning Talk) aims to outline early interactions with other NRENs, the inputs that led to our decisions re: outsourcing, information on the shape of our new team and lessons learned from the first year of operation. We believe that this is a vital service for NRENs to facilitate (in some way) for their clients and we want to do what we can to make it easier for the next NREN to start the process!