Enhancing Cyber Security: How the Digital Office & Scotland Excel are leading the way with the Security Operations Centre Framework Project

Introduction

Cyber security is a vital aspect of any organisation's digital transformation. It ensures that the data, systems, and services that we rely on are protected from malicious attacks and unauthorised access. However, cyber security is not a static or one-off task. It requires constant monitoring, analysis, and response to the evolving threats and challenges that we face in the digital world.

That is why the Digital Office has been working on a project with Scotland Excel to develop a single supplier framework for councils to call off for Security Operations Centre (SOC) services. Scotland Excel, the Centre of Procurement Expertise for the local government sector, plays a critical role in this initiative by leveraging its expertise in procurement to ensure the best value and most effective solutions for councils. A SOC is one of the best ways that an organisation can increase their cyber security. Cyber attacks can happen at any time, and cyber criminals often choose times when they know staff will be thin on the ground, with bank holidays being a popular target for this reason.

A SOC provides 24x7x365 monitoring of council systems and can take actions when certain types of incident are seen or escalate to chosen points of contact. Developing this kind of service in-house, with round-the-clock monitoring and specially trained staff would be beyond the reach of a council, so using the private sector to provide this service is the best way to make vital services available to councils.

The SOC provider will have a dedicated team of cyber security experts who will monitor, detect, and respond to cyber incidents across the organisation. In this blog post, I will explain what the SOC project is, why it is important, and how it will benefit the organisation and its stakeholders.

What is the Security Operations Centre (SOC) project?

The SOC project will create a procurement framework for councils to call off for SOC services. A SOC has a team of cyber security professionals who will perform various functions related to cyber security, such as:

• Monitoring the organisation's network, systems, and applications for any signs of malicious activity or anomalies
• Detecting and analysing cyber incidents, such as cyber attacks, data breaches, or ransomware
• Responding to cyber incidents
• Reporting and communicating cyber incidents, by notifying the relevant stakeholders and authorities, and providing recommendations and lessons learned
• Improving cyber security

Why is the Security Operations Centre project important?

The SOC project is important for several reasons:

• It will improve the organisation's cyber security posture and resilience, by providing a comprehensive and proactive approach to cyber security, and reducing the impact of cyber incidents.
• It will enhance the organisation's compliance, by ensuring that the organisation meets the legal and regulatory obligations and standards related to cyber security. The Information Commissioner's Office (ICO) have reprimanded public sector organisations for failing to have adequate logs and a SOC with standard tools could help meet this requirement.

How will the Security Operations Centre project benefit the organisation and its stakeholders?

The SOC project will benefit the organisation and its stakeholders in various ways, such as:

• It will help reduce downtime and disruption caused by cyber incidents, and improve the performance and availability of the organisation's network, systems, and applications.
• It will help the organisation deliver reliable and secure digital services to its customers, and protect their data and privacy.
• As this framework is open to councils and other public sector organisations, it will foster collaboration and learning from other users of the framework. A community of framework users will be created, so learning and experience can be shared.

Conclusion

The SOC Framework project is a strategic and ambitious initiative that will help transform organisations' cyber security capabilities. It will provide a centralised and dedicated team of cyber security experts who will monitor, detect, and respond to cyber incidents across the organisations.  Supported by Scotland Excel's procurement expertise, this project is a key initiative that will enable councils to thrive in the digital world.

Next Steps

With Scotland Excel, the Digital Office will be convening a User Intelligence Group to develop the specification and take the project to the next stage. Scotland Excel's extensive experience in public procurement will be instrumental in shaping a robust and effective framework that meets the diverse needs of councils and other public sector bodies. If you would like to find out more about this project, please get in touch at info@digitaloffice.scot.