By Milica D. Djekic
The security operations centers (SOCs) are cybersecurity systems that are capable to provide security in a both – technological and organizational manner. Through this review, we would deal with the SOCs that could be implemented with the small and midsize enterprises (SMEs) and offer a certain level of protection to those assets.
So commonly – these sorts of SOCs would include only one employee being the part of that SME who would be responsible for resolving the wide spectrum of IT and organizational concerns.
This IT Security Professional could be the part of SME asset or even outsourced depending on the small businesses’ needs.
In an economical manner, the SMEs are from strategic importance to the majority of commerce worldwide. Many countries including those the most developed would classify SMEs as part of their critical infrastructure.
The sabotage or diversion of such an asset could seriously disadvantage or even produce the catastrophic consequences to the economy of any nation.
For such a reason, it’s crucially important to invest in a cyber defense of SMEs as one of the key factors to their functionality and operational capabilities.
It’s well-known that those assets are not that highly protected as they should be in a cybersecurity manner, so it’s so recommending to take care of their security in a technical and organizational way.
The SOCs could offer some level of defense in both – technological and organizational sense, but how could we apply that to the SMEs?
One of the ideas would suggest that such an organization as an SME is dealt with up to 50 employees and practically – it’s sufficient to hire only one IT Security Professional who would maintain a level of the risk at an acceptable stage.
Such a practitioner could work in the office or remotely depending on what the businesses’ needs are.
So often, such a way of arrangement could get seen as an ad-hoc workplace. It’s also significant to mention that such an SOC should use some IT tools for prevention, monitoring and incident response to a threat.
Finally, we would suggest to such an organizational solution to try to combine IT tools it uses. For instance, many developing countries could rely on open-source and freeware software which can be downloaded from the web for free.
On the other hand, suitable societies dealing with the much higher budget could try to invest in the most optimal solutions which would satisfy both – technical and economical requirements.
In other words, we would propose some cost-effective opportunities which would cope with the SMEs’ capabilities.
In the end, we should always have in mind that SMEs are the part of critical infrastructure and it’s highly advisable to equip them with some sort of cyber defense capacities for a reason for saving the both – private sector and nation’s budget.
About The Author
Since Milica Djekic graduated at the Department of Control Engineering at the University of Belgrade, Serbia, she’s been an engineer with a passion for cryptography, cybersecurity, and wireless systems. Milica is a researcher from Subotica, Serbia. She also serves as a Reviewer at the Journal of Computer Sciences and Applications and.
She writes for American and Asia-Pacific security magazines. She is a volunteer with the American corner of Subotica as well as a lecturer with the local engineering society.