Integration of Security Operations Centers (SOC) into Ukraine's national security system

Authors

DOI:

https://doi.org/10.33405/2786-8613/2025/1/5/336736

Keywords:

security operations center (SOC), cybersecurity, national security, hybrid warfare, cyber attacks, critical infrastructure protection, threat monitoring, artificial intelligence, big data analysis, incident response, international cooperation

Abstract

The article explores the integration of Security Operations Centers (SOC) into Ukraine’s national security system, emphasizing their role in strengthening cybersecurity resilience and protecting critical infrastructure. Given the increasing number of cyberattacks targeting Ukraine, SOCs serve as key components in detecting, monitoring, and responding to threats in cyberspace. The study analyzes the global experience of SOC implementation, particularly in the USA, EU, and NATO, where automated threat analysis systems, artificial intelligence, and big data analytics are widely employed to enhance cybersecurity operations [3, 6]. A significant part of the study is devoted to the challenges Ukraine faces in implementing SOCs, including insufficient funding, a shortage of qualified cybersecurity specialists, outdated legislation, and the need for integration with existing cybersecurity mechanisms [2, 4]. The article identifies key directions for SOC development in Ukraine, including the adoption of AI-driven cybersecurity technologies, expansion of international cooperation, and improvements in specialist training programs [5, 8]. The research also highlights the need for a comprehensive approach to SOC integration, focusing on centralized coordination between state institutions, private sector actors, and international cybersecurity organizations such as ENISA and CERT-UA. The authors emphasize the importance of implementing automated threat detection and response systems, developing machine learning models for cyber threat intelligence, and enhancing international collaboration in cybersecurity policymaking [3, 6].

References

CERT-UA (2017). Povidomlennia pro virus NotPetya: analiz i zakhody reahuvannia [Notification about NotPetya virus: analysis and response measures]. Kyiv. Retrieved from: https://cert.gov.ua (accessed 8 February 2025) [in Ukrainian].

CERT-UA (2022). Kiberzakhyst uriadovykh system pid chas viiskovykh dii [Cyberprotection of government systems during hostilities]. Kyiv. Retrieved from: https://cert.gov.ua (accessed 8 February 2025) [in Ukrainian].

ENISA (2021). Cybersecurity Guide for SOCs. Athens : ENISA. Retrieved from: https://www.enisa.europa.eu (accessed 8 February 2025) [in English].

CERT-UA (2020). Kiberzakhyst krytychnoi infrastruktury: pidkhody do reahuvannia [Cybersecurity of critical infrastructure: response approaches]. Kyiv. Retrieved from: https://cert.gov.ua (accessed 8 February 2025) [in Ukrainian].

Zakon Ukrainy "Pro natsionalnu bezpeku Ukrainy" № 2469-VIII [Law of Ukraine about the National Security of Ukraine activity no. 2469-VIII]. (2018, June 21). Retrieved from: https://zakon.rada.gov.ua/laws/show/2469-19 (accessed 8 February 2025) [in Ukrainian].

NCICC (n.d.). National Cybersecurity and Communications Integration Center. Retrieved from: https://www.cisa.gov (accessed 8 February 2025) [in English].

Sopilko I. M. (2021). Informatsiina bezpeka ta kiberbezpeka: porivnialno-pravovyi aspekt [Information security and cybersecurity: comparative legal aspect]. Yurydychnyi visnyk. Seriia: povitriane i kosmichne pravo, no. 59, 110–115. DOI: https://doi.org/10.18372/2307-9061.59.15603 [in Ukrainian].

Belkin L., Yurynets Yu., Belkin M., Kryvolap Ye. (2022). Spivvidnoshennia poniat "informatsiina bezpeka", "bezpeka informatsii", "kiberbezpeka" v konteksti bezpekovykh stratehii Ukrainy 2020–2021 rokiv [The correlation of the concepts "information security", "security of information", "cybersecurity" in the context of Ukraine's security strategies in 2020–2021]. Yurydychnyi visnyk. Seriia: povitriane i kosmichne pravo, no. 3 (64), 78–86. DOI: https://doi.org/10.18372/2307-9061.64.16893 [in Ukrainian].

Bulashenko A. V., Brui M. (2010). Informatsiina bezpeka [Information security]. Sumy : SumDU. Retrieved from: http://essuir.sumdu.edu.ua/handle/123456789/21090 (accessed 8 February 2025) [in Ukrainian].

Kisilevych-Chornoivan O. M. (2009). Informatsiina bezpeka ta mizhnarodna informatsiina bezpeka: problema vyznachennia poniat [Information security and international information security: problem of concept definition]. Yurysprudentsiia: teoriia i praktyka, no. 8 (58), pp. 11–18 [in Ukrainian].

Subbot A. (2015). Informatsiina bezpeka suspilstva [Information security of society]. Viche, no. 8 (388), pp. 29–31 [in Ukrainian].

Batechko O., Tsymbalenko N. V. (2016). Informatsiina bezpeka pidpryiemstva [Information security of an enterprise]. Kyiv : National University of Technologies and Design. Retrieved from: https://er.knutd.edu.ua/handle/123456789/4464 (accessed 8 February 2025) [in Ukrainian].

Zakharov Ye. (2013). Informatsiina bezpeka: shcho zakhyshchaiemo? [Information security: what do we protect?]. Svoboda vyslovliuvan i pryvatnist, no. 4, pp. 3–6 [in Ukrainian].

Shopina I. M. (2023). Informatsiina bezpeka tsyfrovoi transformatsii [Information security of digital transformation]. Naukovyi visnyk Lvivskoho derzhavnoho universytetu vnutrishnikh sprav (seriia yurydychna). Lviv : LDU VS, vol. 1, pp. 28–35. DOI: 10.32782/2311-8040/2023-1-4 [in Ukrainian].

Losev I. (2014). Informatsiina bezpeka: yak ukripyty [Information security: how to strengthen]. Den, no. 82-83, p. 19 [in Ukrainian].

Potapenko O. K. (2011). Derzhavna informatsiina polityka ta bezpeka [State information policy and security]. Visnyk Kyivskoho natsionalnoho universytetu imeni Tarasa Shevchenka. Seriia: filosofiia, politolohiia. Kyiv : KNU imeni Tarasa Shevchenka, vol. 102, pp. 48–51 [in Ukrainian].

Nesterenko O. (2011). Svoboda informatsii chy informatsiina bezpeka? [Freedom of information or information security?]. Svoboda vyslovliuvan i pryvatnist, no. 1, pp. 3–9 [in Ukrainian].

Solovii H. R. (2006). Mizhnarodna informatsiina bezpeka: polskyi dosvid [International information security: Polish experience]. Aktualni problemy mizhnarodnykh vidnosyn, vol. 65, no. 4.1, pp. 45–47 [in Ukrainian].

Hutsaliuk M. (2005). Informatsiina bezpeka u suchasnomu suspilstvi [Information security in modern society]. Pravo Ukrainy, no. 7, pp. 71–74 [in Ukrainian].

Hlushkov V. (2010). Informatsiina bezpeka (sotsialno-pravovi aspekty) [Information security (socio-legal aspects)]. Pravo Ukrainy, no. 9, pp. 311–313 [in Ukrainian].

Marakova I. I., Syropiatov O. A. (2006). Informatsiina bezpeka kompleksnykh system zviazku [Information security of complex communication systems]. Ukrainian Information Security Research Journal, iss. 8, no. 4 (31). DOI: 10.18372/2410-7840.8.4977 [in Ukrainian].

Published

2025-08-03

Issue

Section

Articles