A security operations center (SOC) is a central location where an IT security team observes, identifies, analyzes, and deals with security incidents – around the clock. A SOC resolves problems in real-time, and, at the same time, constantly works to find options for optimizing a company’s security status.
At one industrial company, IT was already being monitored via a dedicated SOC, but monitoring for the heterogeneous OT landscape was pending. There was a great amount of uncertainty with regard to necessary functions, service levels, and architecture.
As a result, the first step was to work out the special requirements
for the production landscape and the integration process. The key criteria in this context were within the required scope, meaning the system’s size and level of detail; the complexity of the implementation process; options for integration with the current IT system; the provider’s stability in terms of its ability to ensure long-term collaboration; specific experiences in the OT SOC area; references; the approach to handling data security; and, finally, an attractive amount of value for money.
In the second step, Bosch experts conducted analysis as well as pressure tests with suppliers. Finally, an anonymous RFQ was carried out, a short list of candidates created, and provider presentations for two above-average performers (in a market study) organized.
Through a look-up in CyberCompare’s database of trusted service providers, a qualified provider with expertise in OT was identified, and a clear and transparent price comparison resulted in savings of just under GBP 1.7 million compared with the original bid.