The Ministry of Labour is building its own cybersecurity monitoring center to stop relying solely on updates, antivirus, and binders full of directives. The goal is to gain real visibility into what is happening on the network, respond to incidents faster, and unify protection across the entire ministry. The project is being developed with support from the recovery plan and aims to be operational before its official deadline.
From a checklist to real oversight
In government, security is often measured by a checklist: new computers, up-to-date systems, antivirus, and an e‑mail about phishing. That still does not mean we see what is happening on the network and can respond promptly. That is why the ministry is building a monitoring center to deliver visibility, context, and timely alerts.
Oversight is not just about buying tools, but about configuring and using them correctly. Processes are needed to define who does what, and people who can carry them out. Technology provides data, but decisions and interventions must be made by experts.
Project, timelines, and scope
The ministry joined a call under the recovery plan, signed a contract, and procured the technologies through a tender. Next comes the implementation and configuration phase, without which the tools would just “blink.” The ambition is to get the center up and running as soon as possible, without waiting for the project’s final deadline in March 2026.
The monitoring center will serve not only the ministry, but the entire departmental network of subordinate organizations. That is over 13,000 users in a complex infrastructure that the ministry manages centrally. Security services will therefore also be centralized to achieve a uniform level of protection.
What the SOC will deliver and what it will require
Key tasks include continuous monitoring, threat detection, and operational incident response. Analysis, sharing insights with partners, and raising user awareness beyond a single informational e‑mail are also important. The aim is not only to respond quickly, but also to prevent damage and costs. In practice, that means having clarity in the data and acting before a problem grows into a crisis.
The ministry is creating a specialized organizational unit and planning 24/7 operations, which will require a combination of an internal team and external support. The biggest challenge is recruiting and retaining people—the specialists are few and hard to attract to the public sector. The project therefore counts on appropriate remuneration and long-term sustainability even after its official end. Stable financial support will also be essential so that the new capacities become a permanent competency of the ministry.
