The Security Operation Centre (SOC) is a strategic team that helps companies prevent external attacks and keep their infrastructure secure and reliable. The SOC team is in charge of security log management and security activity monitoring, as well as reporting issues, incidents, and unexpected or unusual behaviour. The SOC team supervises the management of the security platform, carries out analysis and correlation of security logs, such as alarms and logs received from security appliances, assesses the adopted protection measures against the security plans, and coordinates the other company facilities in case of cyber security incidents.

The SOC therefore stands as the operation centre in charge of the following activities:

Security Monitoring and Incident Handling:

– Monitoring of ICT infrastructures security logs in real-time

– Handling cyber security incidents

– Analysing security alerts and reports received from other sources (via email, bulletin, etc.)

Security Device Management:

– Managing security devices such as firewall, IDS, antivirus, UTM, ACS, etc., in terms of fault, configuration and performance

Security Technical Support:

– Managing the security platform

– Running security assessment activities

– Managing antivirus platforms

– Testing security systems

Service Monitoring:

– Defining the security audit implementation mode, identified by the relevant departments for risk treatment in accordance with the company's strategies

– Verifying compliance with standards and regulations (for the systems that are being used in the SOC field) as well as with the constraints referred to in the Personal Data Protection Legislative Decree n. 196/03 and the new European regulation GDPR 2016/679 (General Data Protection Regulation)