Base system (platform): IBM QRadar Security Intelligence Platform (QRSIP) Security QRadar SIEM
Developers: Orange Business Services
System launch date: 2019/08/30
Industries: Metallurgical industry, Transport, Financial services, investments and audit
Technology: Cybersecurity - Security information and event management (SIEM)
2019: Launch in Russia of a SOC, a cyberthreat monitoring center
On August 30, 2019, the international service provider Orange Business Services announced that its SOC (security operations center, or cyberthreat monitoring center) in Moscow had entered commercial operation. Its main objectives are to identify and rapidly respond to information security threats in order to minimize or eliminate damage from cyber attacks on companies working in Russia and the CIS. In addition, Orange uses the SOC to protect the telecom and IT services it offers to its clients, such as its IaaS platform, contact center and Internet of Things solutions.
The new SOC operates on the processes and tools that Orange uses worldwide. Its work is built on a risk-oriented approach, which makes it possible to determine the threats most relevant to the client's IT systems and to build an optimal protection strategy. A major advantage of the Orange SOC is its own international threat intelligence platform: a continuously updated knowledge base of current information security threats that makes it possible to recognize, in time, attacks that have not yet come to the attention of traditional protection tools.
The SOC is built with technology support from IBM. Its basis is the QRadar SIEM platform, which not only tracks the realization of threats precisely and assesses their priority for timely response, but also supplies SOC staff with preliminary conclusions, which considerably accelerates analysis of incidents and elimination of their causes. The QRadar platform is the core of a large number of leading SOCs worldwide and, according to reports of Forrester Wave and Gartner Q-Radar, it is considered one of the best solutions in the field of analytics and information security monitoring. Orange's own catalog of threat detection scenarios (use cases) reduces the actual time needed to connect a client to the service from half a year to 1-3 months, depending on the size of the monitored IT infrastructure. The SOC service can also be provided using a SIEM system that belongs to the customer and is managed by Orange specialists.
Orange SOCs operate in France, India and Poland. The work of the center is organized to take local specifics into account: the SOC has obtained a license from the Federal Service for Technical and Export Control, and all of its infrastructure and specialists are located in Russia.
"The incident monitoring and response center will complement the range of Orange Business Services solutions in the field of information security and continues our cybersecurity development strategy in Russia. We are conducting negotiations on the use of our SOC with Russian companies in the banking sector, metallurgy and automotive manufacturing. In the next five years we are going to expand the team and introduce tools to automate some of the operators' functions. We are sure that our experience of working with the largest companies in retail, industry, finance and other spheres will be useful in developing the Russian SOC," says Richard van Wageningen, the CEO of Orange Business Services in Russia and the CIS.