Foundation Projects

FCA: Establishing a SOC for Tonga 2024

CERT Tonga

This funding is for the establishment of a Security Operations Centre (SOC) for smaller and emerging Computer Emergency Response Teams (CERTs) in Tonga.

The initiative will help establish a baseline set of operational infrastructure for a SOC within the CERT. The emphasis is on the CERT staff doing most of the deployment work themselves based on a 'learn by doing' philosophy.

This helps build their human capacity (staff) as well as their overall technical capacity as a CERT (institutional).

Funds will primarily go towards the hardware and equipment needed, as these CERTs have limited financial resources for capital expenses. It is expected that the CERT will make use of free and open source software such as Wazuh or Elasticsearch, and also contribute its learnings back to the community.

The Challenge in Tonga:

CERT Tonga does not yet have Security Operations Centre (SOC) infrastructure with which to exercise its Incident Response Plan (IRP), perform digital forensics analysis, and collect, analyze and triage events and incidents before disseminating them to constituents.

A SOC is critical: it will help coordinate and orchestrate effort based on available resources and staff. It will be crucial in developing a systematic approach and infrastructure for collecting firsthand data and for enforcing compliance and good governance in the respective sectors. Data from real-time monitoring, 24/7 surveillance and reporting will be collected, analyzed and used for decision making, alerting and resiliency.

The Tongan Partnership:

There will be collaboration arrangements supporting the project/activity implementation with local ISPs and vendors.
