TechCentralTechCentral
    Facebook Twitter YouTube LinkedIn
    Facebook Twitter LinkedIn YouTube
    TechCentral TechCentral
    NEWSLETTER
    • News

      Eskom employees returning to work

      29 June 2022

      E.tv in stunning victory over minister in digital TV fight

      28 June 2022

      It’s official: stage-6 load shedding is here

      28 June 2022

      Stage-6 load shedding highly likely later today

      28 June 2022

      Prosus sale plan sends Chinese tech stocks tumbling

      28 June 2022
    • World

      Pictures: Chinese spacecraft acquires images of entire planet of Mars

      29 June 2022

      Arm aims for leg-up in smartphone games with new chip tech

      29 June 2022

      Warnings of a final bitcoin ‘washout’

      29 June 2022

      Sony launches into PC gaming hardware

      29 June 2022

      Ether holds its breath for the Merge

      28 June 2022
    • In-depth

      The great crypto crash: the fallout, and what happens next

      22 June 2022

      Goodbye, Internet Explorer – you really won’t be missed

      19 June 2022

      Oracle’s database dominance threatened by rise of cloud-first rivals

      13 June 2022

      Everything Apple announced at WWDC – in less than 500 words

      7 June 2022

      Sheryl Sandberg’s ad empire leaves a complicated legacy

      2 June 2022
    • Podcasts

      How your organisation can triage its information security risk

      22 June 2022

      Everything PC S01E06 – ‘Apple Silicon’

      15 June 2022

      The youth might just save us

      15 June 2022

      Everything PC S01E05 – ‘Nvidia: The Green Goblin’

      8 June 2022

      Everything PC S01E04 – ‘The story of Intel – part 2’

      1 June 2022
    • Opinion

      Has South Africa’s advertising industry lost its way?

      21 June 2022

      Rob Lith: What Icasa’s spectrum auction means for SA companies

      13 June 2022

      A proposed solution to crypto’s stablecoin problem

      19 May 2022

      From spectrum to roads, why fixing SA’s problems is an uphill battle

      19 April 2022

      How AI is being deployed in the fight against cybercriminals

      8 April 2022
    • Company Hubs
      • 1-grid
      • Altron Document Solutions
      • Amplitude
      • Atvance Intellect
      • Axiz
      • BOATech
      • CallMiner
      • Digital Generation
      • E4
      • ESET
      • Euphoria Telecom
      • IBM
      • Kyocera Document Solutions
      • Microsoft
      • Nutanix
      • One Trust
      • Pinnacle
      • Skybox Security
      • SkyWire
      • Tarsus on Demand
      • Videri Digital
      • Zendesk
    • Sections
      • Banking
      • Broadcasting and Media
      • Cloud computing
      • Consumer electronics
      • Cryptocurrencies
      • Education and skills
      • Energy
      • Fintech
      • Information security
      • Internet and connectivity
      • Internet of Things
      • Investment
      • IT services
      • Motoring and transport
      • Public sector
      • Science
      • Social media
      • Talent and leadership
      • Telecoms
    • Advertise
    TechCentralTechCentral
    Home»Promoted Content»Next-generation security operations centres: Balancing tech with manpower

    Next-generation security operations centres: Balancing tech with manpower

    Promoted Content By Micro Focus9 February 2021
    Facebook Twitter LinkedIn WhatsApp Telegram Email

    Next-generation security operations centres (SOCs), although a much more machine learning-driven way of ensuring your data is protected, raise some interesting questions.

    Chief among these is who is responsible should there be a data breach, and whether to insource or outsource your IT requirements in the current environment, which is increasingly regulated.

    On hand to debate these issues was a panel of local experts, who joined the latest TechCentral Micro Focus panel to discuss next-gen SOCs.

    Ian Keller, customer security director at Ericsson, explains that next-gen SOCs are simply the evolution of units that deal with security issues on an organisational and technical level. As Keller says, “next gen” is more about harnessing artificial intelligence as there’s more machine learning involved. “You’re trying to reduce the reliance on the human factor as much as possible. It’s the automation of it,” he says.

    Ian Keller

    Your SOC is next gen if it offers these features:

    • Threat visibility;
    • New and unknown attacks;
    • Active defence;
    • Hunt and respond;
    • Cybersecurity teams using AI and machine learning; and
    • Robotics

    As soon as you start adding machine learning into the equation, you run into the skills issue, however. Machine learning is a relatively new discipline, and skills are in short supply and high demand. Additionally, machines coming into the organisation often mean that humans are replaced as a greater set of skills is required to integrate the more intelligent technology with the business.

    “I think all companies, including us, are struggling with this. It’s a human machine symbiosis, to marry the two,” says RCL Foods group IT governance manager Prien Pillai.

    Prien Pillai

    RCL is 100% outsourced when it comes to technology. “We are reliant on best-of-breed key IT service providers to manage our security layers.”

    However, what this means, Pillai says, is that you have a “third party managing your security, but you don’t have internal resources that understand it or the learnings to challenge them, as to whether we’re heading towards the right direction”. This requires that there is always a balance between internal and external, depending on who manages your security.

    That also opens up the question as to who is responsible for data breaches, if and when they happen.

    Janine West

    As Janine West, Investec’s data privacy officer, says, this depends on where the data breach occurs and whether it was a system issue that caused the data breach, or people. “People are our weakest link.”

    West adds that often it’s not even a training issue, it’s just a force of habit. “In my mind, privacy needs to be covered across the organisation. And we all need to do what’s required to make sure that we look after our own domains, but we all work together.”

    Russell Opland

    Adams & Adams’ data protection officer Russell Opland argues that the question of who is responsible for breaches becomes slightly different when IT security is outsourced.

    Opland points out that the Information Regulator, appointed in terms of the Protection of Personal Information Act, is leaning towards holding the designated official charged with ensuring compliance responsible for breaches. This is in contrast with international application over the past 20 years. “I think the regulator’s going to want to be making some examples right out the gate.”

    Tumelo Zwane

    When it comes to state security, however, the situation demands that a tight hold is kept on IT and its security components. CIO at the Special Investigating Unit Tumelo Zwane says the agency is strict on what happens to its data from in terms of its internal users. It also filters almost anything and everything. “Any e-mail that comes through is filtered, and when we send information out, it’s password protected. We try and regulate the data coming in or out as much as possible.”

    At the same time, the agency is moving from a mostly manual system to one in which several elements are automated so they can get into the comfortable position of “saying we’ve got all our guards all around”.

    Themba Maminze

    Themba Maminze, deputy director of operational security at the department of international relations & cooperation (Dirco), says costs are an issue when it comes to deciding whether to go with automated or manual systems. Currently, Dirco’s systems are 60% manual and 40% automated. Although Dirco doesn’t have an SOC, it is moving to a situation in which all its security systems are interconnected; a centre that will answer all its needs, Maminze adds. “Balancing your manpower with your technology in this age of unemployment is always a juggling act.”

    Keller adds that one of the biggest arguments against an SOC is the cost of training and retaining staff, who get bored and take their skills elsewhere.

    Wilma Nel

    The Land Bank’s head of IT governance, risk and compliance, Wilma Nel, points out that another issue is that staff are becoming lax during the Covid era. A simple example she cites is securing a home network, which people may not know how to do, and they may not reach out to IT to ask for help.

    Henry Denner

    The Gautrain’s information security officer, Henry Denner, references a recent study that found that most of the senses we use to communicate during a face-to-face meeting are absent during virtual meetings.

    “Most of the time, we also don’t even have our cameras on, which means you have to just rely on your sense of hearing to pick up on people’s tones.” This, he says, means that people lose concentration, which leads to mistakes being made.

    Thamsanqa Dlamini

    PSG senior security architect Thamsanqa Dlamini says that when security was being designed for PSG, they ensured that people could work from anywhere in the world. “We need to make sure that the PC itself is secure.”

    Adele Jones

    Nedbank has found that, because of a lack of human interaction and lockdown, people who tend to trust easily are more gullible, and need more guidance, said its lead architect of information security and blockchain, Adele Jones.

    Sithembile Songo

    The Public Investment Corp’s head of information security and risk management, Sithembile Songo, takes it a step further: “I believe, with all of us working from home now, we need to have visibility into everything that is happening. That’s the only way we can be able to track and see what is happening and whether we are secure or not. If we don’t have that visibility, we are wasting our time.”

    • This promoted content was paid for by the party concerned
    Adele Jones Henry Denner Ian Keller Janine West Micro Focus Prien Pillai Russell Opland Sithembile Songo Thamsanqa Dlamini Themba Maminze Tumelo Zwane Wilma Nel
    Share. Facebook Twitter LinkedIn WhatsApp Telegram Email
    Previous ArticleElon Musk and Tesla just lit a rocket under bitcoin
    Next Article Systems Print continues digital migration with Xerox

    Related Posts

    How your business can help hybrid workers effectively

    28 June 2022

    Hands off our satellite spectrum!

    27 June 2022

    Watch | Telviva One: adapting to the requirements of business

    24 June 2022
    Add A Comment

    Comments are closed.

    Promoted

    How your business can help hybrid workers effectively

    28 June 2022

    Hands off our satellite spectrum!

    27 June 2022

    Watch | Telviva One: adapting to the requirements of business

    24 June 2022
    Opinion

    Has South Africa’s advertising industry lost its way?

    21 June 2022

    Rob Lith: What Icasa’s spectrum auction means for SA companies

    13 June 2022

    A proposed solution to crypto’s stablecoin problem

    19 May 2022

    Subscribe to Updates

    Get the best South African technology news and analysis delivered to your e-mail inbox every morning.

    © 2009 - 2022 NewsCentral Media

    Type above and press Enter to search. Press Esc to cancel.