K2 Cybersecurity: Information Security Monitoring Center (SOC)

The main articles are:

• Situational centers (definition, main tasks)
• Security Information and Event Management (SIEM)

2024: Compliance with GOST R ISO/IEC 20,000-1-2021

The monitoring center cyber security from K2 Cybersecurity received a certificate from the Management System - IT Services (SUSIT). He confirms that the Center has been audited and meets the requirements of the standard - GOST R ISO/IEC 20,000-1-2021. The company K2 Teh announced this on May 7, 2024.

SOC's work is based on three main elements - technology, people and processes. SUSIT is an additional guarantee that K2 Cybersecurity has allocated all the necessary resources and built the controlled work of all processes required to provide a stable and high-quality service to the Cybersecurity Monitoring Center. The certificate confirms that SOC has established security, assets, resources, incidents, vulnerabilities, budgets, capacities, releases and other necessary processes.

According to our research, almost half (44%) of large Russian companies are interested in connecting SOC services. At the same time, the choice of a reliable provider causes great difficulties. Auditing for compliance with the requirements of state standards in the field of the IT service management system is a standard practice, for example, for technical support services. For commercial SOCs, the SUSIT certificate is a unique case. This once again proves the expertise of the K2 Cybersecurity team, which has built effective processes for providing high-quality services, "said Anastasia Fedorova, Development Director of the K2 Cybersecurity Monitoring Center.

At the end of 2023, SOC K2 Cybersecurity was also successfully tested for compliance with the requirements of GOST R ISO/IEC 27001 − 2021 and received a certificate from the Information Security Management System (SMIB).

2023

CROC Cloud Security Services Component Management

Croc Cloud Services, together with K2 Tech, launched Cloud Security Services (CSS), a set of measures and services to ensure security in cloud environments. It identifies, prioritizes, and mitigates security risks and addresses compliance challenges to protect IT infrastructure. CROC announced this on December 7, 2023. Read more here.

Starting the SOC Solution

K2 Cybersecurity launches the Security information security Operations Center SOC. It will combine the expertise K2 Cybersecurity in the field information protection and technology. " Kaspersky Lab Using a platform Kaspersky Unified Monitoring and Analysis Platform (KUMA) built on, microservice architecture SOC K2 Cybersecurity specialists will be able to monitor, analyze and inform the client in real time about both attacks from outside and from within the infrastructure. The company K2 Teh announced this on October 4, 2023.

According to our study, only 17.5% of companies in various segments of the economy consider their staff of information security specialists to be staffed. The need for qualified personnel to carry out information security tasks is only growing. We in K2 Cybersecurity have invested a lot of time and resources in building up our own expertise and training our SOC team to meet the growing demand for competent information security specialists. Our SOC is a comprehensive service that allows you to respond to information security incidents in a timely manner and provides proactive protection against all types of cyber risks, "said Andrey Zaikin, Director of Business Development K2 Cybersecurity.

The main task of the commercial SOC is to ensure the protection of the client company's information and minimize the risks of cyber attacks. To do this K2 Cybersecurity uses Kaspersky Lab solutions, in particular the KUMA SIEM system, which provides centralized collection, accelerated analysis and correlation of security events from various data sources. The solution is built on a microservice architecture, which allows you to create and configure only the necessary microservices, expand and customize the capabilities of KUMA.

We actively cooperate with leading domestic companies so that they can provide our joint customers with a service based on advanced and effective technologies, and ensure security against even the most complex threats. The SIEM system of Kaspersky Unified Monitoring and Analysis Platform not only performs centralized collection and analysis of information security events and timely notifies about incidents, but also has built-in capabilities to enrich with up-to-date data on threats and incident response. We are glad to partner with K2 Cybersecurity, this allows us to significantly expand service offers on the market, combining our joint experience and expertise to protect modern organizations, "said Marina Usova, Director of Corporate Sales at Kaspersky Lab in Russia.

An important aspect for security is also the correct configuration of correlation rules. When deploying the solution, SOC K2 Cybersecurity experts analyze which events for the client's infrastructure are the norm and which are not, how algorithms and data work within the company. Thus, the customer is exempted from the need to hire additional full-time information security specialists who will deal with these labor-intensive issues.

The service can be provided in hybrid or cloudy SOC format. The hybrid option is offered to customers who already have their own means of monitoring information security events and incidents, in particular, the SIEM system. The turnkey solution is cloud SOC K2 Cybersecurity, which has high fault tolerance and does not depend on the supply of equipment. In addition, the cloud provides opportunities for reservations channels communications and efficient scaling of resources, and it SLA is 99.9%.

SOC customers can also receive additional services, such as identification and analysis, vulnerabilities enrichment of data on current cyber threats, incident investigation, administration of information protection tools consulting and by. INFORMATION SECURITY Thus, each customer receives not just SOC, but a business partner in the person of an integrator who is an expert in the field of information security.