Security Operations Center high on Central Bank of India's IT plans

Will float tender for managed service provider in April 2010; outsourced security operations center to be fully functional by August 2010.

Leading Indian public sector bank Central Bank of India plans to set up a security operations centre (SOC) in 2010 to address its IT security risks. The bank has already obtained clearance for its security operations center, and is in the process of floating tenders for a managed service provider. Central Bank of India plans to float this tender in April 2010, and expects the security operations centre to be ready by August 2010. The managed service provider will not only set up a security operations centre, but also take care of hardware, software and people aspects.

Dr. Onkar Nath, chief - information security of Central Bank of India, informs that transactions and operations taking place at the bank need to happen in a controlled manner. Although the bank has sufficient security controls, it's difficult to keep track of generated logs. "Any lapses or breaches in these security systems will generate real time alerts. The security operations center will help us analyze logs in real time," says Nath. This security operations center will have dedicated hardware, specialized software as well as skilled personnel to aid centralized analysis of firewall, antivirus and intrusion detection system (IDS) logs. It will be able to generate high, medium or low alerts according to criticality of the situation. It will also keep tabs on internal threats.

Central Bank of India plans to outsource the security operations center mainly due to lack of expertise and resource crunch. "Only technology operations will be outsourced, whereas management remains with us. We will receive updates on a continuous basis, and the action required on particular alerts will be decided by us," informs Nath. The bank also plans to get security dashboards from the managed service provider. The security operations center's first phase will cover perimeter security. Tender amount for this project will be decided soon by Central Bank of India's management.

Read more on IT risk management