Structure of the Cybersecurity Management Center of the corporate information system based on the Microfocus Arcsight solution
DOI: https://doi.org/10.31673/2409-7292.2021.041421

Abstract
The organizational and technological approaches related to preparing for the implementation of important tools and to the training of specialists have been researched and improved. The need to constantly check the security of the corporate information system and the level of training, and to conduct basic education and awareness activities for end users, has been further developed and argued.
Key words: corporate information system, cybersecurity, cybersecurity management center, SIEM system.