Digital Security: Without an SOC, It Gets Risky

A Security Operations Center (SOC) is a specialized unit within a company that is responsible for monitoring IT security, detecting threats, and initiating countermeasures around the clock.

The SOC team uses specialized tools such as SIEM (Security Information and Event Management) and SOAR (Security Orchestration, Automation and Response)to analyze security-relevant data in real time and respond to threats automatically.

A modern SOC is also responsible for implementing and complying with key security standards and legal requirements – such as ISO 27001 and the new EU directives NIS2 (Network and Information Security) and DORA (Digital Operational Resilience Act).

In addition, SOC experts work closely together to assess security incidents quickly, implement structured response plans, and continuously improve systems. In this way, digital security is sustainably strengthened, and the risk of data loss or outages is significantly reduced.

In short: the SOC is the control center for your digital security. It ensures:

• Permanent monitoring of all security-relevant processes

• Immediate detection, evaluation, and response to threats

• Standardized response plans for typical attacks

• Clear communication channels – internal & external

Here you’ll find real expert tips to maximize your application security.

In July 2025, airline Qantas fell victim to a major cyberattack. Unauthorized individuals gained access to personal data of around six million customers via the call center system of a third-party provider – including names, email addresses, phone numbers, dates of birth, and frequent flyer numbers. Qantas confirmed the incident and that the attackers had made contact, but did not comment on potential ransom demands (source: The Guardian).

What was the problem?

The attack exploited a classic vulnerability: the interface to an external service provider. Without continuous security monitoring, the access initially went unnoticed.

Had a dedicated Security Operations Center been in place, the SOC team could have detected suspicious activity – such as unusual login attempts – in real time. Monitoring tools would have automatically interrupted the session and alerted the security team. The attack could potentially have been stopped before any sensitive data was leaked.

Conclusion from the Qantas case:

Without an SOC, central monitoring is lacking. Especially for customer portals with sensitive data, this poses a serious risk to your entire digital security strategy.

Learn how to identify cyber threats in complex IT environments here.

If you want to implement a Security Operations Center for your company, this compact checklist can help:

1. Clarify responsibilities – Who leads the SOC and who is operationally responsible?

2. Select monitoring tools – e.g. SIEM, SOAR, log analysis

3. Set up alerts & dashboards – Keep an eye on relevant threats at all times

4. Document response plans – What to do in the event of phishing, DDoS, or data leaks?

5. Use automation – e.g. automatic account locking in case of suspicious behavior

6. Test & improve regularly – An SOC is not a project, but an ongoing process

Digital customer portals are now a central part of many business models – whether for orders, services, or contract management. All the more important to secure these platforms professionally. The incident at Qantas shows how quickly a security gap can be exploited – and how great the damage is when no team is ready to respond swiftly.

A Security Operations Center does exactly that: it detects attacks early, initiates countermeasures, and protects your customers’ sensitive data. It ensures clear structures and defines who acts when and how – in emergencies and day-to-day operations. In short: an SOC is not a "nice to have", but a must if you take digital security seriously. The sooner you start, the better protected you are.

Want to know what an SOC could look like for your customer portal?

Our diva-e Conclusion experts support you from strategy to implementation.