CenturyLink has announced plans to open a security operations centre (SOC) in Singapore, which will be its first such facility to showcase user and entity behavioural analytics to identify insider threats.
The new site will be one of the vendor's eight SOCs worldwide and second in Asia-Pacific, after its Bangalore facility, according to Matt Gutierrez, CenturyLink's Asia-Pacific senior managing director.
Scheduled to be operational in January 2019, the Singapore centre would support enterprise customers in the region, which previously would have been served out of its SOCs in London or Denver, he said in an interview with ZDNet.
The new facility also would be the first to house employees who were trained on CenturyLink's full product suite since its acquisition of Level 3 in October 2016.
Gutierrez said the acquisition boosted the company's network footprint to become one of the world's largest IP traffic carriers, placing it in a position to analyse traffic flow and better identify potential threats.
CenturyLink said it currently collects 114 billion NetFlow records a day, capturing 1.3billion security events daily and monitoring 5,000 known C2 (command-and-control) servers. The vendor also responds to some 120 DDoS (distributed denial-of-service) attacks each day and removes nearly 40 C2 networks per month.
The ability to better predict potential threats, hence, was crucial to proactively address these and notify enterprise customers of the risks, Gutierrez said.
"CenturyLink's predictive SOC adds to a growing ecosystem of cybersecurity companies establishing technical capabilities in Singapore," said Ang Chin Tah, director of infocomms and media at Economic Development Board.
"In addition, the centre will create opportunities for Singaporeans to be trained in sought-after cross-industry skillsets such as incident analysis, incident management and response, and threat intelligence."