Bolstering Defence with Singtel's Next-Gen Advanced SOC

Increasingly, threat actors are automating their work, sharing information about targets and attack techniques, and collaborating and orchestrating massive targeted attacks together. The volume and complexity of attacks is rising rapidly, and almost 1 million new malware threats are released across the globe each day. ¹Security teams receive a staggering number of alerts, and are simply unable to keep up.

Research by EMA found that 80% of organisations receiving 500 or more critical alerts per day, are only able to investigate less than 1% of those alerts. ² Most of the alerts are false positives, and alerts that are truly critical gets lost in the noise and sheer volume.

The global skills shortage of industry-ready cybersecurity professionals is predicted to rise to 1.5 million by 2020, and there is no immediate solution in sight. ³With escalating cyberattacks and manpower shortage, we need machines powered by artificial intelligence, data analytics and machine learning to augment human capabilities in defending these attacks.

As a global Managed Security Services Provider, Singtel takes a holistic 360 approach to cybersecurity, integrating people, process, technology and intelligence. We’ve built next-generation ASOCs powered by intelligent automation and orchestration, providing seamless end-to-end services, global threat intelligence, as well as deep expertise and experience.

To manage the skyrocketing volume of complex threats, our ASOC bolsters your defences with the following capabilities:

Real-time threat intelligence is automatically gathered from a wide range of global threat feeds and sources. This gives your security team insights into threat actors, attack methods, breach victims and industry-specific threats. This predictive intelligence can then be used to anticipate attacks, align and prioritise operations, and power up Singtel ASOC’s threat monitoring, incident response and malware hunting capabilities. Organisations with critical industrial control systems can detect and react to incoming threats more quickly, preventing catastrophic damage.

With a projected 50 billion connected devices by 2020 ⁴ , it will not be possible for SOC operators to manually make sense of the massive volumes of data generated. Machines need to be deployed at the frontlines to sift out the most critical events from the noise. Our machine learning algorithms are applied on network and telco metadata, and combined with multiple sources of threat intelligence to provide context to security logs and alerts. Advanced visual analytics reduces the cognitive load on SOC operators, making it possible for our SOC operations to scale up and manage high volumes of security events and cyberattacks.

As security events are occurring by the hundreds and thousands, manual responses are no longer viable to keep up with the rising volume and variety of attack vectors. With automation and orchestration, incident response processes and workflows can be automatically executed at machine speed, according to adaptive playbooks. This eliminates slow manual processes, avoids human error, increases operational efficiency and drastically reduces mean time to resolution.  With seamless orchestration, humans and machines can work seamlessly to provide better monitoring and proactive whole-of-infrastructure responses to cyber threats.

Our advanced playbooks evolve as we introduce emerging technologies into our operations, such as baiting hackers through deception technology. As visual analytics improve situational awareness, the playbook will adapt to incorporate more context‐aware responses to changing trends in the threat landscape. With automation and orchestration, testing out new plays become less costly, allowing us to test new security technologies more effectively and incorporate cyberwar experience into our playbooks.

As threat actors become more sophisticated and well-equipped, many organisations do not have adequate in-house expertise and resources to keep up with escalating threats. To plug this gap, partner with us to navigate today’s complex security landscape. We design, build and operate a global network of SOCs, and with access to a global threat intelligence network and 2,000 security professionals, we deliver round-the-clock security to businesses in 96 countries.

Contact us for a tour of Singtel ASOC.

¹ http://money.cnn.com/2015/04/14/technology/security/cyber-attack-hacks-security/

² https://www.infosecurity-magazine.com/news/less-than-1-of-severe-critical/

³ Frost & Sullivan

⁴ https://www.thethingsnetwork.org/community/thessaloniki/post/50-billion-iot-devices-will-be-connected-by-2020