Úloha súkromných SOC v národnej kyberobrane

Cyber defense is no longer an abstract topic but a reality affecting states and hospitals alike. A speaker from the University of Public Service in Hungary showed that military and cyber operations overlap and that it will not be possible without private security centers. According to him, Europe faces a decision about how quickly to join forces, share information, and make use of available funding.

Cyber warfare and critical infrastructure

Since 2022, we have been watching kinetic warfare in Ukraine combined with attacks in cyberspace, including interventions in the energy sector. Recent reports confirm similar trends: the UK’s National Cyber Security Centre labeled attacks on critical infrastructure as the main risk, and in Denmark they analyzed a wave of ransomware affecting dozens of key operations. The attackers’ goal is to paralyze society and the economy, sometimes in parallel with military operations. If infrastructure is to be resilient, cyber defense must be as robust as physical defense.

Private SOCs and the European response

Experience from Ukraine shows that defending national cyberspace is difficult without the private sector. Domestic teams as well as major tech companies like Microsoft, AWS, and Google joined the defense, and allies, including US Cyber Command, also cooperated. Security Operations Centers (SOCs) outside the public administration thus play a key role in detection, response, and recovery.

The European Union is introducing a model to strengthen this cooperation. The Digital Europe program, the proposed Cyber Solidarity Act, and the European Cyber Shield initiative envisage interconnecting public and private SOCs and making massive investments in their capacities. We are talking about billions of euros intended to accelerate the deployment of capabilities across member states.

Obstacles: sharing, people, technology

The biggest weakness is information sharing between the state and companies. Classified data does not reach private actors, and companies in turn are reluctant to hand sensitive insights back to the state. Involving private teams in public operations is therefore complicated, although crisis situations (e.g., during COVID) have shown that joint exercises and the state’s presence at operators can work. Another challenge is motivating top experts from business to contribute to national defense and volunteer their participation.

Technologically, we are facing the rapid adoption of artificial intelligence, but public procurement takes years and the market often sells "AI" that is in reality just rules or machine learning. International cooperation is gradually getting underway, but it needs greater scale and regularity. The NIS2 Directive sends a clear signal: managed security services (incident response, penetration testing, audits, or consulting) will have obligations and methodological requirements and must cooperate with the state. Attacks will increase, from phishing to zero-days, and without coordination and the use of available European funds, our unpreparedness will cost us dearly.

The role of private SOCs in national cyberdefense

Cyber warfare and critical infrastructure

Private SOCs and the European response

Obstacles: sharing, people, technology

Csaba Krasznay

The role of private SOCs in national cyberdefense

Cyber warfare and critical infrastructure

Private SOCs and the European response

Obstacles: sharing, people, technology

Csaba Krasznay

Páčil sa ti článok? Zdieľaj ho a povedz o ňom aj ostatným