I am one of the Senior Shift Managers, who manage the 24x7 team of Security and Technical Operation Analysts. Our aim is to be the guardians of the network from a security and technical aspect. Essentially, we keep our business and industry safe. We help prevent downtime as much as we can for our customers and partners by proactively monitoring the network and spotting issues as early as possible. We also support the business and industry by providing data insight and ad hoc reports to help our operation partners in their business as usual (BAU) activity.
One of the areas we focus on from a security and network aspect is Anomaly Detection.
Because our network is Critical National Infrastructure (CNI), meaning it is necessary for a country to function and daily life depends upon it, a process is required to protect the network. This is achieved by Anomaly Detection Threshold, an area owned by our Security Operations Centre (SOC). This process helps us manage and maintain the volume of traffic across the network to prevent it from becoming overloaded, as well as to protect us against any attacks. It enables us to monitor how many service requests each customer sends over a certain time period and quarantines anything above the threshold. It also helps the DCC monitor the total figure across the industry that is allowed in a time period.
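A minimal sketch of the threshold check described above, added here as an illustration and not DCC's own code. The window length, the limits, the warning level and the choice to quarantine once the industry total is reached are all assumptions, and the sample events are constructed.

```python
from collections import defaultdict

# All figures are constructed for illustration; real thresholds are not on this page.
WINDOW_SECONDS = 3600   # assumed monitoring period
CUSTOMER_WARN = 3       # assumed warning level per customer per window
CUSTOMER_LIMIT = 5      # assumed quarantine threshold per customer per window
INDUSTRY_LIMIT = 8      # assumed total allowed across all customers per window


class ThresholdMonitor:
    """Fixed-window counter that forwards, warns on, or quarantines requests."""

    def __init__(self):
        self.window_start = None
        self.per_customer = defaultdict(int)
        self.total = 0

    def _roll_window(self, ts):
        # Open a fresh window and reset every count once the period has elapsed.
        if self.window_start is None or ts - self.window_start >= WINDOW_SECONDS:
            self.window_start = ts - (ts % WINDOW_SECONDS)
            self.per_customer.clear()
            self.total = 0

    def check(self, ts, customer):
        """Return 'forward', 'warn' or 'quarantine' for one request at time ts."""
        self._roll_window(ts)
        # Quarantined requests are held, not sent, so they do not consume
        # the customer's or the industry's allowance.
        if self.per_customer[customer] >= CUSTOMER_LIMIT:
            return "quarantine"
        if self.total >= INDUSTRY_LIMIT:  # assumption: industry cap also quarantines
            return "quarantine"
        self.per_customer[customer] += 1
        self.total += 1
        if self.per_customer[customer] > CUSTOMER_WARN:
            return "warn"
        return "forward"


def run(events):
    """Replay (timestamp, customer) events and return the decision for each."""
    monitor = ThresholdMonitor()
    return [monitor.check(ts, customer) for ts, customer in events]


# Constructed sample: customer A bursts, B sends normally, then a new window opens.
SAMPLE = [(i, "A") for i in range(7)] + [(10 + i, "B") for i in range(4)] + [(3600, "A")]

if __name__ == "__main__":
    for event, decision in zip(SAMPLE, run(SAMPLE)):
        print(event, decision)
```

In the sample, customer B's fourth request is quarantined even though B is under its own limit, because A's earlier traffic has used up most of the shared industry allowance.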
In this era of cyber-attacks, Anomaly Detection Threshold helps to protect our network and our customers. Keeping the network up and safe is beneficial for the DCC, our partners, our customers and the consumer, so by complying with our rules around Anomaly Detection, the customers are helping us to help themselves.
We produce and present a monthly Anomaly Detection report to the Security Sub Committee, who are part of SECAS and form part of the DCC’s governing authority. The report details analysis on quarantine and warnings from a Service Request and customer aspect. The report contains incident and network data and helps provide information on how our SOC team can engage with customers, so we can work alongside them to create a safer and more robust process.
One other area that we cover is Anomaly Detection Attribute, which protects customers from inadvertently sending incorrect settings to consumer devices, for example, very high tariffs.
A screenshot of our Anomaly Detection Monitoring Dashboard can be seen above. We monitor the time period, the Anomaly Detection Type (Global and Attribute), the customer, the Service Request Variant (SRV), the Region, and the Critical Indicator of the SRV.
Chris de Asha, Senior Shift Manager