Bhubaneswar: The Cyber Security Operation Centre (CSOC) of the Odisha Government shall monitor, detect, investigate, and respond to cyber threats.
Initially, it will be made operational on the State Data Centre (SDC), State Wide Area Network (SWAN), and Secretariat infrastructure. Later, other government infrastructure can be integrated with the CSOC.
The State CSOC shall be primarily responsible for the following activities:
The CSOC will have a complete view of the threat landscape, including the various types of endpoints, servers and software on premises, as well as third-party services and the traffic flowing between these assets.
The CSOC is responsible for collecting, maintaining, and regularly reviewing the logs of all network activity and communications for the entire infrastructure setup. These reviews can reveal the existence of threats.
The CSOC will scan or monitor the network 24/7 to flag any suspicious activity. It will immediately notify the client of emerging threats in advance, to prevent or mitigate harm.
The CSOC will look closely at each threat, discard any false threats, and determine the actual threats and what they are targeting. This allows the CSOC to triage critical threats appropriately and helps in handling the most critical issues on priority.
As soon as an incident is confirmed, the CSOC acts as first responder, performing actions such as shutting down or isolating endpoints, terminating harmful processes or preventing them from executing, deleting files, etc.
In the aftermath of a significant unpleasant event, the CSOC works to restore systems and recover any lost or compromised data. It is also responsible for figuring out exactly what happened, when, how and why, using the log data and other information, so that future events can be prevented.