A Security Operations Centre, otherwise known as a SOC, is a central hub for security operations. The concept was originally applied to cybersecurity operations, but it is no longer exclusive to that field. Forward-looking physical security is increasingly optimizing its operations by adopting the SOC's niche functions of surveillance and response. With Artificial Intelligence dominating the business world, the Security Operations Centre is indeed the future of security value.
The reality of future physical security is that most organizations will move to full automation. This disruption will lead to a sharp drop in reliance on the physical deployment of guardforce personnel. Many routine guardforce roles that require little decision making will likely be replaced with automation.
Given the above scenario, most corporate security departments are currently expanding their traditional CCTV control room operation to reflect a classic Security Operations Centre setting. In this configuration, the SOC will be staffed with skilled personnel for complex tasks that essentially include monitoring, analyzing and responding to security threats.
The Security Operations Centre will serve a unique function: using analysis of observed events to direct and guide field security operatives as they respond to emerging security incidents within a facility or at a distant location being monitored remotely.
In the age of Artificial Intelligence, the importance of the Security Operations Centre cannot be overlooked. It will play a crucial role in shaping the future of physical security operations. Field security personnel serving as a quick response force (QRF) will rely on the SOC to activate the response to a security incident. Below is a summary of the routine security functions to be integrated into the Security Operations Centre.
- Controlling access to premises and assets.
- Monitoring people, locations and activities.
- Managing security incidents.
- Responding to emergencies.
- Supporting investigations.
- Enforcing compliance with company rules and regulations.
- Reporting incidents.
The two types of Security Operations Centre – SOC:
Managed SOC – this is a SOC outsourced to a third-party service provider. It may be an onsite or offsite command centre operated by the vendor.
Dedicated SOC – this is a proprietary or in-house SOC, owned and operated by an organization. It is usually located onsite; however, it may be tasked with managing various offsite locations that belong to the same organization. Such a SOC can correctly be called a command centre SOC.
Security Operations Centre technologies and tools:
Access Control System – ACS: this tool is deployed to manage access control. It makes use of a pre-enrolled card, PIN, code, fingerprint, facial or voice recognition, etc. The SOC runs the enrollment, privileges, activations, deactivations, data analysis and archiving, etc. for efficient operation.
Visual Surveillance System – VSS: this technology provides the SOC with cameras, DVRs, cables, video walls, spot monitors, dedicated software/applications, etc. for real-time remote monitoring of people, assets/locations and activities.
Intrusion Detection System – IDS: this comprises alarms, alerts and prompts, which may be visual and/or audio. An IDS relies on sensors to collect data, analyzers to process the data, and a response mechanism to initiate appropriate actions, which the SOC then acts on.
Standard Operating Procedures – SOP: these set out step-by-step guides to the required SOC response per event and to its overall functions. They provide a framework for uniformity, consistency and standardization in the Security Operations Centre.
Composition of SOC team:
Tier 1 personnel: this is an operator and level 1 analyst.
Tier 2 personnel: this is an operator with added functions and authority above tier 1.
Tier 3 personnel: this person handles supervisory or coordinator roles, with authority above tier 1 & 2 personnel.
SOC Manager: this person should be responsible for overall SOC resource management.
Primary functions of SOC include:
- Monitor – this function requires active surveillance of cameras, alarms, and alerts.
- Analyze – requires making sense of the people, locations and events being monitored.
- Detect – identifies abnormal, odd or out-of-place events, threats and security breaches.
- Respond – requires taking action in response to events or incidents.
- Communicate – entails reaching out to other functional personnel about the incident.
- Collaborate – demands working with the entire team from start to initial and final close of the incident.
- Record – will require documenting every piece of information about the incident.
- Investigate – entails fact-finding focused on what-when-where-who, how & possible why.
- Report – is about providing fact-based account or testimony of the incident.
- Archive – store and protect data and exhibits about the incident using a chain of custody guide.
The Security Operations Centre is the future of physical security operations. It is being driven by Artificial Intelligence. Its adoption will disrupt traditional physical security functions. It has potential for a huge return on investment. Your organization’s CCTV control room operation can be expanded and transformed into a SOC.