
A Study on Improvement of Cyber Security Framework for Security Operations Center  

Cho, Changseob (Soongsil University / Department of IT Policy and Management)
Shin, Yongtae (Soongsil University / School of Computer Science and Engineering)
Abstract
As cyber-attacks become more intelligent and sophisticated, the importance of the Security Operations Center (SOC) has increased and the number of SOCs has been growing. To cope with cyber threats, institutions and organizations use a variety of cyber security standards to create business procedures. However, SOCs often need to be improved in accordance with the SOC environment, because they collaborate with managed security service specialists rather than relying on their own personnel. The NIST Cybersecurity Framework (CSF), the information security management system, and the practices of managed security service companies were compared and analyzed. As a result, it was found that the NIST CSF is a framework that is easy to apply to managed security services, but its content was judged to be insufficient. Therefore, in this study, the NIST CSF was used as a reference model to derive the management items required for the SOC environment, the necessity, importance and ease of each item were confirmed through the Delphi technique, and an improved cyber security framework was proposed.
Keywords
Security Operations Center; Security Framework;
Citations & Related Records
Times Cited By KSCI: 1