CSOC – Cyber Security Operations Centre
The Cyber Security Operations Centre (CSOC) was established in the Australian Signals Directorate (ASD) as an initiative of the Australian Government’s Defence White Paper to mitigate the cyber threat to Australia’s national security.
In the past decade, the growing importance of operations in cyber space has become increasingly apparent. Our national security is under threat from a range of cyber actors. Our adversaries are often well resourced, highly skilled and able to defeat commercially-available security solutions.
The role of the Cyber Security Operations Centre
CSOC has two main roles:
- to provide government with a better understanding of sophisticated cyber threats against Australian interests
- to coordinate and assist operational responses to cyber events of national importance across government and systems of national importance.
CSOC operations also complement ASD’s other information security activities.
Detecting and responding to sophisticated cyber threats
CSOC identifies malicious activity conducted by sophisticated foreign hackers by using advanced analytic capabilities and techniques. The workforce includes staff highly trained in computer information technology and analysis. This, together with ASD’s high powered computing resources, ensures the centre is able to process large volumes of data to identify cyber threats. ASD used this information to proactively and reactively respond to cyber threats.
CSOC has embedded representation from a number of Defence and other government agencies involved in assessing the threat to, and the protection of, Australian interests from sophisticated foreign threats. CSOC includes personnel from the: