We are used to the fact that the SOC is the center for responding to external incidents in the field of information security. At the same time, many people forget that incidents can be internal, and every year statistics invariably show that there are many times more of them. To track and prevent information leaks, it is important to use DLP (Data Leak Prevention) systems, which are easiest to develop according to the SOC model, transferring the maintenance functions to a service provider.
Anna Popova, head of the DLP Infosecurity a Softline company block, spoke about the DLP system as the core of the internal incident response center.