Options
Ngsoc Component in it Asset Management Policy: Case Study for Sysarmy Sdn Bhd
Date Issued
2023-07
Author(s)
A’in Hazwani Binti Ahmad Rizal
Abstract
Deploying Security Operation Center (SOC) either in-house or outsourced concepts
would be one of the mitigations to prevent cybercriminals. SOC operates in a huge team
depending on People, Process and Technology. However, according to Cisco System
Inc reported in Techwire Asia (2022), 60% of Malaysian cyber security technology are
currently deploying outdated version and inadequate tool is used in SOC environments.
Moreover, there is still a gap in the SOC framework used in maintaining the quality of
technology, especially IT assets in SOC. Therefore, this thesis designs an NGSOC
component in IT asset management that can be implemented by Next Generation
Security Operation Center which includes six subcomponents, that are Security Incident
and Event Management (SIEM), Cyber Threat Intelligence (CTI), Knowledge Base,
Log Monitoring and Collection, Ticketing System and Reporting. This thesis
implements quantitative methodology which complies with Technology Acceptance
Model (TAM) to evaluate the procedure using a questionnaire and data analysis using
Partial least squares structural equation modeling (SEM-PLS). From the total
population in SysArmy is 110, 95 samples have been taken after applying a 95%
confidence level and 5% margin of error. The data collection method is a set
questionnaire distributed to panels from different professional backgrounds related to
the Security Operation Centers environment.
would be one of the mitigations to prevent cybercriminals. SOC operates in a huge team
depending on People, Process and Technology. However, according to Cisco System
Inc reported in Techwire Asia (2022), 60% of Malaysian cyber security technology are
currently deploying outdated version and inadequate tool is used in SOC environments.
Moreover, there is still a gap in the SOC framework used in maintaining the quality of
technology, especially IT assets in SOC. Therefore, this thesis designs an NGSOC
component in IT asset management that can be implemented by Next Generation
Security Operation Center which includes six subcomponents, that are Security Incident
and Event Management (SIEM), Cyber Threat Intelligence (CTI), Knowledge Base,
Log Monitoring and Collection, Ticketing System and Reporting. This thesis
implements quantitative methodology which complies with Technology Acceptance
Model (TAM) to evaluate the procedure using a questionnaire and data analysis using
Partial least squares structural equation modeling (SEM-PLS). From the total
population in SysArmy is 110, 95 samples have been taken after applying a 95%
confidence level and 5% margin of error. The data collection method is a set
questionnaire distributed to panels from different professional backgrounds related to
the Security Operation Centers environment.
Subjects