
Symantec opens Singapore Security Operations Center as part of US$50 million global investment

By Koh Wanzi - on 2 Dec 2015, 8:02pm


The Singapore SOC is the fourth of its kind in the Asia-Pacific region.

Symantec today launched its new Security Operations Center (SOC) in Singapore as part of a more than US$50 million global investment to bolster its Cyber Security Services business. The new Singapore SOC is Symantec’s sixth such center in the world and the fourth in Asia-Pacific, effectively doubling Symantec’s Cyber Security Services capabilities in the region.

Symantec’s global SOCs analyze up to 30 billion logs each day in order to provide enterprises with continuous protection 24/7. As we move into 2016 and beyond, Symantec anticipates that mere protection against threats is not going to be enough, and enterprises need to be ready to take proactive measures in order to identify and respond to threats before they even present themselves.

The opening of the Singapore SOC will address this by giving businesses access to better intelligence and threat detection data. They will also benefit from more up-to-date notifications on emerging threats so they can prepare themselves. By reducing the time between detection and response, the new SOC could help enterprises reduce operational costs and respond decisively to new threats.

Symantec’s SOCs provide edge-to-endpoint visibility of global threats, allowing a bird’s-eye view of recent events. The view can even zoom into an area as small as 2 km² (Sydney’s central business district, for instance) and track the incidence of specific threats over the past hour. The number of detected threats is indicated in the colored drop pins, with blue designating a stable number of threats, red a rising number, and green a falling number.

It's possible to zoom out and get an overview of the threats in different regions of the world.

At the SOC, malware metadata is aggregated from various internal and external sources to help the SOC rate items such as files and URLs and flag suspicious ones. Ten intelligence-driven analytic modules are employed in threat detection. For instance, a module called DNA, short for Domain Name Linguistic Analysis, analyzes domain names and URLs and matches them against suspicious domains.

However, technology alone may not be enough to stop today’s advanced threats, and Symantec also employs SOC analysts to interpret and prioritize critical events. These analysts undergo three to six months of rigorous training and take an intensive exam to obtain their incident handling certification.

Beyond the Singapore SOC, Symantec is also expanding its SOC in Chennai, India, where it plans to double the headcount. Similar plans are in the works for its Tokyo SOC, and additional facilities are expected to open in Europe within the next year. When the rollout is complete, Symantec expects to have eight SOCs worldwide, bolstering its capabilities to deal with new and emerging cyberattacks.