Building adequate skills to man state-of-the-art Security Operation Centres

A Security Operation Centre (SOC) is a useful asset for organisations in today’s landscape of sophisticated cyber threats, improving their ability to detect, respond to, and possibly even prevent cyber threats from occurring. By leveraging different state-of-the-art technologies and a skilled workforce, the SOC enables organisations to stay ahead of emerging cyber threats, while protecting their digital assets.   

During a CYBER Breakfast event organised by MITA-NCC in May, the discussion centred on SOCs. The different conversations highlighted the importance of having a skilled team working within defined processes that, supported by cutting-edge technologies, can build, optimise, and maintain the organisation’s cybersecurity toolset.

While technologies are often seen as the solution to most scenarios, they are not always the answer. Tools can enable more effective and efficient processes, but ultimately, it is the human being who analyses and takes decisions. Case in point: for zero-day vulnerabilities, the role of a skilled SOC analyst is key, as technological solutions like Security Information and Event Management (SIEM) may not detect these threats. At that moment, it all boils down to the SOC analysts’ knowledge gained through years of exposure to technical and non-technical experiences.

Globally, it is recognised that finding a skilled workforce to man a SOC is a significant challenge. One of the main issues is the range of different skills one needs to acquire to become a competent SOC analyst. There are stages that cannot be missed - if analysts are not exposed to the infrastructure before an incident occurs, how quickly can they identify abnormal activity and react?

It is in such a context that MITA-NCC launched the Security Operations Centre Analyst Training Course as part of its Cybersecurity Skilling Programme in 2023. Similarly, MITA-NCC is collaborating with the Faculty of ICT at the University of Malta for the launch of a new Master of Science in Cybersecurity, starting in October 2024. This programme aims to train students and provide them with the skills required to work in this field, where they can identify security vulnerabilities, demonstrate their exploitability, and explore remedies.

This master’s course will not only address the shortage of cybersecurity experts but will also meet the evolving demands of cybersecurity professionals in various domains including technical, regulatory, legal, and managerial. MITA-NCC is also sponsoring a cybersecurity lab equipped with the latest state-of-the-art cybersecurity technologies, where, amongst other possibilities, students will experience real-life scenarios, following which they can extract forensic evidence, find possible solutions, and propose research studies in this regard. This laboratory is co-funded by the Digital Europe Programme. Such a hands-on approach to learning will ultimately produce professionals ready to take on jobs and become productive in no time.