May 17, in its city, Thai Binh provincial Department of Information and Communications officially opened the Security Operation Center (SOC) that was built and developed by Bkav Corporation. The SOC would help quickly detect all signs of attacks on the network system, respond in an active manner, and thereby minimize damages. This was considered as the first model of cyber security nationwide.
With the philosophy of putting the process of monitoring and early detecting dangers at the center of ensuring security for a system, the SOC is designed by Bkav to update 24/7 information about security of the entire system, data connection of all important components such as firewall, network equipment, servers, workstations, and at the same time monitoring network traffic, etc. These data will be processed and analyzed by AI technology to detect abnormalities, thereby displaying warnings to administrators for prompt reaction.
Speaking at the Opening Ceremony, Mr. Do Nhu Lam, Deputy Director of the Department of Information and Communications, Head of Cyber Security Incident Response Team of Thai Binh province, said that: “In the past when an incident occurred, we could hardly identify the cause. Since Bkav SOC is available, we are warned immediately when there is a risk of an attack such as abnormal traffic, unauthorized connection to server or network scanning. Therefore, web attacks or DDoS, APT have been blocked when they are just risks”.
In Bkav SOC, all incidents are posted to the system, then jobs are assigned to each member of the Response Team, ensuring that all incidents are dealt with properly. This makes it easier for the administration team to have report data on the network attacks, much simpler than before.
Mr. Nguyen Huy Dung, Deputy Director in charge of Authority of Information Security, Ministry of Information and Communications said: “Security Operations Center SOC will help organizations monitor and supervise risks 24/7, thereby early detecting vulnerabilities and attacks to have active responses. I believe that this is a model that we should replicate in other localities to ensure national security”.
Sharing at the Opening Ceremony of Thai Binh SOC, Mr. Ngo Tuan Anh, Bkav's Vice President of Network Security, said: “APT attacks always use virus and malware, so they are not easy to detect. With more than 20 years of experience in virus prevention and network security research, the knowledge help us understand attack methods and hacker behaviors. Therefore, Bkav SOC can detect early and effectively prevent attacks on the system. In addition, we also build synchronously solutions that can connect with the SOC system from the perimeter protection firewall to the solution controlling security policies, ensuring servers and workstations; comprehensive antivirus solutions; professional cyber security services, etc.”.
The SOC system that Bkav has researched and developed can connect with existing solutions and equipment, help optimize investment and provide the flexibility in deployment.
The Opening Ceremony of Thai Binh SOC took place in the series of events on conference and cyber security drill organized by the Ministry of Information and Communications in Thai Binh City, on 16 and 17 May. The event had the presence of Mr. Nguyen Thanh Hung, Deputy Minister of Information and Communications, Mr. Dang Trong Thang, Chairman of Thai Binh Provincial People's Committee, Mr. Vu Tien Khoai, Director of Thai Binh Department of Information and Communications and representatives of more than 30 Department of Information and Communications in the North of Vietnam and some other localities.