Lim Meng Hwee

Deputy General Manager, Info-Security, Digital Systems, ST Engineering

Koh Sze Liat

Cybersecurity System, Info-Security, Digital Systems, ST Engineering

Jacky Lim

Assistant Principal Engineer, Info-Security, Digital Systems, ST Engineering

In today’s digital world, technology has become a double-edged sword. While organisations are quick to leverage it to enhance their competitive edge and business continuity, it also presents cyber adversaries with a myriad of opportunities to exploit.

Organisations appreciate the need to set up Security Operation Centres (SOCs) to enable businesses to scale greater heights safely and securely in this evolving threat landscape. However, building a Security Operation Centre is no easy feat given the considerations spanning people, processes and technologies.

A unified Security Operation As-A-Platform (SOCaaP) can help organisations realise SOC capability, allowing them to defend against unknown IT (Information Technology) and OT (Operational Technology) cyber threats faster than ever.

A race against the Cyber Attackers

The new norm of telecommuting and remote working arrangements opens many avenues for attacks: 9 in 10 cyber threats originate from emails, making it the number one threat vector. We also see an uptick in sophisticated phishing email schemes exploiting the uncertainty of the situation. The Cyber Security Agency of Singapore reported that Singapore’s number of phishing attempts tripled during the COVID-19 period, mirroring global trends.

However, even as cyber threats mount, the number of professionals to counter these attacks is not keeping pace. The cybersecurity sector is grappling with a global talent crunch due to high employee burnout rates. This downward spiral has resulted in the average tenure of each cyber professional being less than two years, and talent retention would remain a perennial challenge.

Proper orchestration and automation tools to ensure operational efficiency and consistency across the organisation would have aided the evergreen security team in promptly managing cyber-attacks. This could be attributed to executives not having full visibility of the challenges faced by frontline security teams and prioritising protection technology to tackle the sprawling technology landscape.

Today’s SOC team faces the arduous task of securing legacy and current technology and being ready for the next wave of technology such as containers, serverless, and IoT. All this happens while the team races uphill against cyber adversaries who exploit every opportunity presented to them by the expanding attack surface.

Benefits of a unified SOC Platform

The answer to these challenges lies in the feature-packed SOCaaP, which provides the SOC with operational capabilities to Protect against, Detect, Respond to and Recover from any cyber-attack.

Combining the best in endpoint protection solutions, machine-based security analytics, as well as security orchestration, automation, and response (SOAR), SOCaaP provides actionable insights through a highly integrated and streamlined workflow – allowing the security team to react swiftly to unknown threats.

Here is how it works: The orchestration and automation module steps in to automatically consolidate critical data and streamline the incident response workflow, minimising mundane tasks such as manually distinguishing between false and true positives. This improves process coordination and weeds out ineffective procedures.

SOCaaP elevates its protection and detection capabilities by gaining herd immunity from the cyber ecosystem through ingesting commercial and open-source threat intelligence feeds. With threat intelligence, SOCaaP also provides the security team with threat context to better respond to and eradicate cyber threats found in the environment.

When responding to cyber threats, the SOCaaP’s Situational Dashboard is a vital piece of the nerve centre of your security operations. It provides all the information required in a single pane of glass for the executives and the security team to make informed decisions concerning the organisation’s current cyber defence posture.

At ST Engineering, our SOCaaP’s open and modular architecture supports technology refreshes without impacting your security operation. The components are technology agnostic and can be easily upgraded or swapped as the cyber landscape and operation requirements evolve across legacy and future technologies. Maintenance is also made accessible on our platform, which includes a module that ensures it is always up to date and operationally ready. This allows your staff to focus on running their security operations.

Taking your security operations to the next level does not always have to be a costly affair. Organisations that have adopted ST Engineering’s SOCaaP have reaped as much as 50 percent in cost savings, as operational and deployment complexities are reduced with our pre-built solutions. This allows for quicker operationalisation of the system than building a SOC from the ground up and mitigates the risk of unknown pitfalls when building it in-house.

A regional first

ST Engineering was the first to bring SOCaaP to the region when our first homeland security and enterprise SOCs were deployed in 2011. With over a decade of experience and deep expertise in designing, building, operating, and maintaining SOCs worldwide, we have deployed over 20 SOCaaP-powered SOCs to date.

Our cybersecurity centres are equipped with advanced detection and analytical capabilities that offer advanced protection for critical information infrastructures in the aviation, maritime, land transport, and energy sectors. We also provide SOC solutions with orchestration and automation capabilities.

Find out more about our SOCaaP solutions here.
