Conveners
Operational Security: Session 5
- Henry Hughes (Jisc)
Description
Security is not something you are doing on your own unless of course when you are the evil hacker. With the large amount of threats we are facing, the developments in technology, the quick rise of AI, cooperation in operational security is key. Individual incidents may be by nature very confidential, we however need to learn from each and every incident in our own organisation but also from our peers in our community to be able to efficiently and effectively protect our assets and users.
In this session we learn that you can not build a SOC without intense interaction with other NRENs and your users, interactions which make miracles happen, miracles you could not have achieved when working on your own. Will the final miracle be a large virtual pan European collaboration, the R&E security intelligence hub? Or will that only be the start of even more miracles?
This presentation reveals an NREN community vision for a virtual organisation that seeks to create, collect, analyse, classify and share actionable security intelligence for research and education. The Research and Education Security Intelligence Hub is intended to counter specific cyber threats and challenges with solutions centred around trusted collaboration and joint operations;...
This presentation clearly demonstrates the miracles that can occur when everyone collaborates closely and works toward a shared goal.
HEAnet formally started a SOC & SIEM project in 2022 with a procurement exercise which included a 17 company framework, and a single supplier chosen to provide a sectoral SOC & SIEM to our clients. Since then we have created a Security Operations Team and worked with our provider to on-board multiple clients. HEAnet are taking a very hands-on approach to both onboarding and ongoing management...