The Defence department has issued a request for information on a cyber event management and reporting system for the cyber security operations centre of the Defence Signals Directorate.

It was a step towards buying such a system and asked participants to nominate suitable solutions, express their benefits and the proximate costs of their implementation.
In the document, the Defence Intelligence and Security Group said solutions must handle "substantial data rates" and allow operators to "view all reported or detected cyber events".
The system must be flexible to handle known formats and those yet to be conceived, "ingest" system logs, accept manual data entry and spit out the results such that it could be analysed.
The specification called for a system that enabled the formation of taskforces to work on a problem, "create new tasks relating to cyber events, assign tasks to staff or teams and link tasks to a workflow", the document said.
The successful solution will hold all its data for long periods of time and will work with other "knowledgebases" to enable staff to search across repositories and create statistical models of the data.
And the solution will work on commodity hardware and be future-proof to support "evolving business processes and the addition of new custom analytic tools".