Claranet | If you’re not looking, who is?

March 2, 2020 Claranet Limited

Unfortunately, the story usually goes “we got infected with ransomware, it was only when we got in on Monday that we realised, and by then it was too late.” Most organisations are aware of the importance of good cyber security practices, but many are still underprepared for the “when and not if”. Keeping a constant eye on what is taking place on your network is the best way to contain an attack.

______________________________________________________________________________________________________

Ransomware damage costs will rise to $11.5 billion in 2019 and a business will fall victim to a ransomware attack every 14 seconds at that time.

(Cybersecurity Ventures)

82% of employers report a shortage of cybersecurity skills.

(ISSA)

______________________________________________________________________________________________________

With technology available to capture logs and give you real time alerts when there is potentially malicious activity on your network, the task for identifying and then containing a breach seems simple. The reality, in fact, is that skilled resource is scarce and hard to retain, and time is of the essence when it comes to reacting to an attack. GDPR requires breaches to be fully reported within 72 hours.

______________________________________________________________________________________________________

The top 6 business challenges we see

  1. Not enough time or capability to respond using existing IT resource
  2. Difficult to convert business need into the right technical scope
  3. Understanding what is needed, on a technical level
  4. The spiraling volume and complexity of attacks is increasing the average dwell time of an attacker, increasing risks further
  5. Difficulty in securing budget for managed security services
  6. Justifying the ROI of security services

______________________________________________________________________________________________________

The top 6 questions we get asked

  1. Can you detect threats on a 247x365 basis?
  2. How quickly will you respond?
  3. What certifications do you carry?
  4. Can you help me with my PCI compliance?
  5. Will you be able to cover my hybrid network?
  6. How do you differentiate from the competition?

______________________________________________________________________________________________________

Right-sizing the scope is critical

Networks are complex and the volume of data is enormous so identifying what should and should not be in scope for centralised log collection and analysis can be difficult. Often, installations are either over-scoped, increasing cost and complexity or under-scoped increasing the potential for an attack to go undetected. With limited understanding of how attacks evolve and which systems to collect data, tailoring the right solution can be a painful, time-consuming, and costly exercise.

MTTD and MTTR are critical KPIs

Managed Detection and Response services supplement your team with skilled security professionals whose only task is to spot the potential for an attack and contain in the shortest time possible. Outsourcing detection and response provides immediate value:

  • Extended security team capable of Threat Hunting, Vulnerability Analysis, Attack Investigation and Response
  • 247x365 alerting to potential attacks
  • 15 minute SLAs for critical issues
  • Established processes and technology stack to reduce the time to value
  • Mean time to detection (MTTD) and Mean time to respond (MTTR) reduced to hours rather than months or years

______________________________________________________________________________________________________

Our customers’ drivers for managed security services

Regulations and Compliance

  • PCI DSS mandates the collection and human analysis of logs for malicious activity
  • ICO and GDPR fines are now so significant that investing is cheaper than the fine
  • FCA, NHS, LocalGov all have standards that recommend or mandate that log aggregation and analysis is embedded in the security strategy
  • GDPR requires breaches to be fully reported within 72 hours

Brand, reputation and revenue protection

  • Implementation of a Managed Detection and Response (MDR) service is a requirement to assure revenues from existing customer relationships or to access specific markets e.g. SaaS providers
  • Breach prevention is a protection of the reputation and brand of an organisation. The average share price drops by 8% for example (link)
  • Reduce the cost of the breach. Most breaches are the result of nuisance attackers or collateral damage from indiscriminate attacks. Some though, are “acts of war” as in the case of NotPetya. The costs for DLA Piper ran into millions of pounds but because the attack was launched by the Russian Government, UK insurers deemed it an “act of war” and therefore refused to pay for the losses (DLA Piper denied insurance)
  • 2019 Verizon Data Breach study, nation state attacks have increased from 12 percent of attacks in 2017 to 23 percent in 2018. In house detection is the first line in the insurance strategy

______________________________________________________________________________________________________

Call to discuss your requirements with our security consultants

Get an accurate solution design, contextual with your unique business challenges.

______________________________________________________________________________________________________

Book a Proof of Concept or an Initial Needs Analysis assessment

If you are not sure what you need or are building a business case for Managed Detection and Response services, it is essential that the needs analysis is thorough. We will map out your environment including people, processes and technology enabling you to specify the right solution.

______________________________________________________________________________________________________

Claranet network, security and cloud credentials

  • 20+ years in cybersecurity
  • 3 SOCs across UK, Portugal and France
  • Founding member of CREST
  • CREST Certified SOC provider
  • 70+ cybersecurity experts
  • References and experience across all verticals
  • One of 5 companies globally to carry AWS, Azure, and GCP accreditation

___________________________________________________________________________________________________

Previous Tweet
Claranet
Claranet

As traditional working patterns and daily life changes, cybercriminals are exploiting the COVID-19 outbreak...

Next Tweet
Claranet
Claranet

Remote doesn't mean removed. Especially when your organisation's security is at stake. Talk to us about ou...