SLCERT TO BUILD NATIONAL-LEVEL SOC TO MONITOR POSSIBLE COMPUTER THREATS
The Sri Lanka Computer Emergency Readiness Team (SLCERT) yesterday said that cabinet approval had been granted for the building of a national level Security Operations Centre (SOC) to monitor the computer network for possible threats.
Speaking to the Daily Mirror, SLCERT Information Security Engineer Ravindu Meegasmulla said, “SOC is a command centre facility for a team of IT professionals with expertise in information security that is responsible for monitoring, analyzing and protecting an organisation from cyber attacks. SOC would monitor the possible threats which enable to communicates in and out of the country.
“In the SOC, internet traffic, corporate area networks (CAN), desktops, servers, endpoint devices, databases, applications and other systems are continuously examined for signs of a security incident. The SOC staff may work with other teams or departments, but is typically self-contained with employees that have high-level information technology and cybersecurity skills,” he said.
Additionally, most SOCs function around the clock as employees work in shifts to constantly log activity and mitigate threats.
“We have separate SOCs operating in certain banks including commercial institutes but we do not have SOCs at a national level. For that the SLCERT should identify the critical infrastructure incidents such as Ministry of Power, Energy and Business Development, National Water Supply and Drainage Board and Internet Service Providers (ISPs),” he said.
Speaking further he said, “There are highly sensitive technical devices running in the electricity board which operate through specialised software. If someone hacked into those systems, they can bring the entire country into darkness at once.”
“After building a national level SOC, we can monitor every bit and piece of information which communicates in and out of the country,” he further added.
Mr Meegasmulla also said, “We are planning only to monitor the traffic of the computer network and possible vulnerabilities.”