IT security is one of the highest priorities for every CIO. Cyber-attacks are now a reality that we must deal with on a daily basis. More and more organizations have been the victims of so-called cybercrimes that are the cause of financial losses, operational problems and consequences to the company’s reputation.
That is why trying to better structure your defenses, and increase efficiency and reactivity in case of an attack, are now key goals for IT departments. How should we adapt to these new needs? One of the most important actions to take is the creation of an Information Security Operations Center, which implements IT security and proactively monitors IT infrastructure.
A new IT Security Management Strategy
Lately, in the Banca Informatica Bancaria Trentina Group where I work, we have increasingly focused on the realization of an Information Security Operations Center. To ensure security and to better control cyber-attacks, we are now leveraging the advantages offered by Kibana and Grafana: Data Visualization Modules integrated into NetEye. These tools allow you to create dashboards that are easy to interpret. More specifically, we focused on the generation of dashboards for infrastructure load (e.g., the CPU usage of the various nodes and the bandwidth load of the switches) and for the security events that allow us to rapidly identify if our organization is under attack.
These dashboards offer a concrete benefit in those situations where it is fundamental to quickly identify the root cause of a problem, such as within an ISOC.