
Security Operation Center with People-Process-Technologies

Customer
Central Bank of Armenia
Project manager on the customer side
Komitas Stepanyan
IT&Cybersecurity Director
Year of project completion
2023
Project timeline
March, 2021 - December, 2023
Project scope
30000 man-hours
Goals
Project goals were:
  1. Establish a fully functional Security Operations Center
  2. Establish a CSIRT team with certified professionals
  3. Implement a Cyber Range Training Platform
  4. Establish a platform / Organize an international cybersecurity conference
  5. Participate in different hackathons

Project Results
Currently we have:
  • A competent, young and enthusiastic team of 15+ people with diverse skills. Some of them are already certified; others will become certified by the end of this year.
  • An implemented Cyber Range training platform, which is available not only to the Central Bank but to the public and private sectors as well.
  • A new SOC with defined processes, proper technologies and tools.


The uniqueness of the project

Worldwide, the cyber workforce shortfall is approximately 3 to 3.5 million people according to different sources. In this regard, the most difficult challenge was to hire, train and form a team of cyber professionals.
We adopted a novel approach to identify and nurture young talents, primarily students. We provided them with guidance, enabling them to develop their skills, ultimately forging a dynamic and adaptable team. This endeavor received substantial reinforcement from seasoned team members and coaches.

Used software
  1. Trellix solutions
  2. Special CSIRT training provided by Mandiant
  3. SimSpace: Cyber Range Platform

Difficulty of implementation
  • Cyber workforce shortfall
  • Hiring challenges
  • Acquiring technologies and hardware in the post-COVID-19 era, characterized by disruptions in supply chains
  • Challenges in implementing and integrating other, sometimes legacy, systems

Project Description

The Central Bank of Armenia (CBA) plays a pivotal role in ensuring the robustness and security of Armenia's financial sector and critical financial market infrastructure. With a long-term vision to fortify the overall cyber resilience of this sector, the CBA must expediently and accurately evaluate its cyber risk profile, encompassing people, processes, and technology. It aims to devise a comprehensive roadmap for enhancements, both within the CBA itself and throughout the broader financial sector. This strategic plan involves the establishment of a Cyber Security Operations Center (SOC) and a Cyber Security Incident Response Team (CSIRT).

The most pressing and widespread issue in every market globally revolves around the acute shortage of adequately trained and qualified cybersecurity professionals who can efficiently operate and manage SOC and Incident Response teams. To address this challenge, the CBA is embarking on diverse training programs. In a groundbreaking initiative, the CBA is working towards the implementation of an on-premises cyber range training platform, designed to nurture a larger pool of cybersecurity talents. The primary goal is not limited to serving the CBA alone but extends to benefit the entire financial sector and the country as a whole.

Simultaneously, efforts are underway to establish a Cyber Defense Center. The underlying objective of the Cyber Defense Center Development service is to empower the CBA in more effectively managing its security processes and proactively addressing forthcoming cyber threats. This is achieved through the establishment of a Security Operations Center (SOC) to:

  • Enhance Defense Posture: The SOC seeks to identify and rectify vulnerabilities in security monitoring and response capabilities, thus bolstering its capacity to ward off advanced cyber threats.
  • Foster Consensus on Security Improvements: By sharing knowledge and prioritizing enhancements, the CBA endeavors to promote internal collaboration and communication, ensuring that security improvements are universally embraced.
  • Mitigate the Impact of Security Incidents: The SOC's core purpose is to augment its capabilities in detecting and responding to security incidents, thereby minimizing cyber risks and safeguarding the financial sector.
Important: Further details are more specific and cannot be provided!
Yet another outstanding achievement worth noting is our newly formed team's participation in the Cyber Security Tournament organized by Rostelekom Solar company. Among 40 competing teams, only five advanced to the finals, and our team secured a commendable third-place finish, narrowly missing the second-place spot to a highly competitive team by just a few points.

Project geography
This project is primarily focused on Armenia; however, it also brings additional benefits through collaboration with various FinCERTs.
Additional presentations:
How to built SOC.pdf