Integrated Security Operations Centers (ISOC)
The watchdog of electrical assets
BY RALPH KING, Electric Power Research Institute
Security operations centers (SOCs) are common in corporate information technology (IT), physical security, and industrial control environments. Many organizations have one or more of these individual SOCs responsible for defined physical regions or business functions. SOC capabilities range from providing basic environment or equipment status indicators to complex information gathering, analysis, alerting, and coordination of event responses.
However, as the quantity and types of information and cyber-physical systems continue to grow, the complexity of the individual systems and their interactions and interdependencies makes human-to-human coordination of the disparate elements nearly impossible.
A critical challenge for many electric sector participants is the wide gap in historical approaches to managing each internal business unit’s system. For example, it is normal for the IT department to have major systems offline for a few hours each week to apply patches or system upgrades, but this common IT practice is inappropriate for management of an electric grid.