Managed security service providers (MSSPs) provide around-the-clock security monitoring and management that companies cannot achieve in-house. MSSPs collect logs and events from a client's devices, encrypt the data, and transport it to a cyber defense center for automated and human analysis. Any threats detected are immediately reported to the client. This outsourcing model saves companies time and resources while providing certified security expertise to protect systems and detect breaches.
HOW DO YOU KNOW YOU’VE BEEN HIT BY AN ATTACK?
In most instances, you do not, and your data has already
been sold on the black market. Various attempts to
breach your security affect your systems daily. Some
cyber attacks are not successful, but some are, and
the consequences can then include a devastating loss
of brand credibility, affecting your clients, shareholders,
and other investors.
ARE YOU AWARE OF THE THREATS?
Security breaches are becoming such a widespread
problem that companies experience an increasing
number of security incidents that threaten the
traditional security information and event management
(SIEM) systems in their IT infrastructures.
Yet companies continue to underestimate the scale of
the challenge. [1] A March 2014 report by the U.S. Senate
concluded that Target, the retail corporation affected
by one of the most serious security breaches in 2013,
in which 40 million credit card details were stolen, was
grossly negligent and missed several tell-tale signs that
its systems were being compromised.
The reason behind this is that company executives
simply do not have the expertise or the time to monitor
whether their online activities are adequately protected.
[2] The 2013 PwC survey of US executives found that
half of them reported an increase in security breaches.
OUTSOURCING OF YOUR SECURITY
Companies are equipped with various IT systems such as
servers, networks, firewalls, and intrusion detection or
prevention systems. These systems commonly live their
own life and generate huge amounts of log messages that
are never read, let alone analyzed, because it is
impossible to operate 24/7, costly to employ teams of
security experts, and ineffective to shift this
responsibility to in-house staff who focus on normal
daily operations.
This situation has given rise to a trend where firms stop
relying on in-house expertise. With the growing number
of specialist tools to detect used in cyber attacks,
companies are now turning to a new trend in cyber
security protection: managed security service provider
(MSSP).
What is MSSP?
A managed security service provider delivers
round-the-clock security monitoring and management of
intrusion detection systems and firewalls, oversees patch
management, performs security assessments and security
audits, and handles incident management, including
emergency response and forensic analysis.
[1] NBCNews.com. (2014, March 25). Target Missed Many Warning Signs Leading to Breach: Senate Report. Retrieved from http://www.nbcnews.com
[2] PricewaterhouseCoopers LLP. (2014). Adapt to the new realities of cybersecurity. Retrieved from http://www.pwc.com/cybersecurity
Active security monitoring
A managed service that uses a combination of automated analysis and human intelligence to detect security breaches
Logs and events are collected from the client’s devices, then encrypted and transported for a two-level analysis in a Cyber defense center
We provide our client with relevant and clear information on the threats to his system
Our service makes sure you are safe and free to focus on your core business while we take care of everything else
1. COLLECTING
A monitoring agent is installed directly on the client’s
server. The agent is a piece of software that collects
logs and events and sends them to an encryption box.
2. SECURE TRANSPORT
A physical or virtual encryption box is connected to
the client’s IT infrastructure. Its purpose is to transport
logs securely over the Internet to a Cyber defense
center (CDC).
3. ANALYSIS & ACTION
The CDC plays a crucial role in our solution because
it is the place where ‘the alarm goes off’ for every
suspicious behaviour. In the CDC, logs are analyzed on
two levels. The first is automatic analysis, which is
continually being improved and adapted to the newest
trends, and the second is manual analysis by our
certified IT security specialists operating 24/7.
Based on agreed conditions, specialists contact the
customer and report the problem immediately. The
serious incident/event is isolated in the CDC. Some
customers prefer the full package, including an
additional emergency response team. This is the active
second level of support, which analyzes the incident
in depth, blocks the attacker, stops the spread,
collects all the evidence, and helps with recovery.
BENEFITS
Saving time, money and human resources
Certified, highly skilled personnel, security-cleared to confidential level
Real-time monitoring and round-the-clock (24/7) operation
Immediate response time
Easy-to-read reports to the management on the company’s cyber-security status
Vulnerability management
CDC specifications
Forms the core of our solution
Meets the highest security requirements according to ISO 27k
Round-the-clock (24/7) monitoring
Immediate response time
Transparent for the client