Why this is a game-changer for cybersecurity management. Credit: Getty Images By Andy Nallappan, Chief Technology Officer and Head of Software Business Operations, Broadcom Software In December 2021, Broadcom Software published our blog: Predictions for 2022. We will now explore each of these predictions in more depth with this blog series. This month our topic is the Cyber Defence Centre. Enterprises and operators of critical infrastructure have long been on the front lines of cybersecurity. Most recently, new threats have been identified through our Symantec Threat Hunter team, including Lazarus, Verblecon and Daxin. And of course, the previous attacks forcing major service interruptions on large infrastructure. More CEOs and boards of directors are taking direct oversight of cybersecurity to avoid becoming a victim of a crippling cyberattack. But putting plans in place to respond to cyber threats and establish controls that align with the organization’s overall business objectives, is often easier said than done. In their planning to get their security house in order, the task can be overwhelming. Indeed, despite the increased attention to corporate security, common vulnerabilities still leave most corporate networks open to breaches. A global problem Clearly, cybersecurity is a shared, global problem, one that demands a concerted, global response. This is why the availability of a new framework to equip members with the proper training, services, and technologies marks a major advance. The Cyber Defence Centre (CDC) framework is the outgrowth of collaborative work at the International Telecommunication Union (ITU), the arm of the United Nations responsible for all matters related to information and communication technologies. The framework that ITU delegates came up with isn’t just theoretical, it provides a scoring system to help CDCs determine how and by whom security services are implemented, including insourcing, outsourcing, or some combination of the two. It also indicates how a CDC should determine and implement security services to enable the security of an organization. The document gets granular at times – but that’s what’s needed – codifying the services will help accelerate or align capacity building efforts. The framework establishes a state-of-the-art, multilingual, global governance approach that’s available to everyone. With this document as their guide, organizations can lay out the build, management and evaluation processes that go into making a successful CDC. Ultimately, it removes any guesswork about what to do next. Of course, there’s nothing mandatory here. Organizations are still responsible for setting their own policies and are free to decide how they want to allocate their resources. But for the first time, they can turn to a globally approved blueprint to step them through the process of everything from strategic management to incident response to their relationship with external parties. A common language Outsiders hearing about this for the first time may well ask themselves why organizations haven’t been able to figure this out by themselves. They do. But each organization is likely to go its own way. Indeed, when we ask CISOs to define what a security operation center (SOC) is or should be, the answers are all over the map. That presents problems because if you don’t have a common language to describe the job for each constituency (private and public organizations) in a security context, countries and regions won’t be able to effectively organize and collaborate around cyber defense. But with a framework providing a guideline to build their security capabilities, organizations can be confident that they’re conducting their SOC transformation around a common framework. What’s more, they will be able to: Quickly achieve agreement, buy-in, and defuse personal preferencesGuide future decision-making and help achieve success even if there are team conflictsAttract top job candidates who want to work for a best-in-class SOC built upon this world-class industry framework The future is here Given how rapidly the cybersecurity world is changing, fragmented organizational responses won’t be enough to fend off today’s global threat actors. That’s why the CDC is going to be a game-changer when it comes to cybersecurity management for 2022 and beyond. To learn more on how Broadcom Software can help you modernize, optimize and protect your enterprise, contact us here. See more about Why Broadcom Software is Optimistic About Global Standards in Cyber Security About Andy Nallappan: Broadcom Software Andy is the Chief Technology Officer and Head of Software Business Operations for Broadcom Software. He oversees the DevOps, SaaS Platform & Operations, and Marketing for the software business divisions within Broadcom. Related content brandpost Sponsored by Broadcom Generative AI and the Transformation of Everything Insights on innovations in the Broadcom product portfolio By Alex Au Yeung, Chief Product Officer, Symantec Enterprise Division Oct 24, 2023 5 mins Generative AI brandpost Sponsored by Broadcom Implications of generative AI for enterprise security The rise of generative AI By Alex Au Yeung, Chief Product Officer, Symantec Enterprise Division Oct 10, 2023 5 mins Generative AI brandpost Sponsored by Broadcom Mitigating mayhem in a complex hybrid IT world How to build a resilient enterprise in the face of unexpected (and expected) IT mayhem moments. By Greg Lotko, Senior Vice President and General Manager, Mainframe Software Division Sep 26, 2023 7 mins Hybrid Cloud brandpost Sponsored by Broadcom Artificial Intelligence in Cybersecurity: Good or Evil? Approaching generative AI from a security perspective By Rob Greer, Vice President and General Manager, Symantec Enterprise Division Sep 12, 2023 6 mins Artificial Intelligence Security PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe