ACTIVE SECURITY MONITORING Protect your information assets with real-time threat detection.


HOW DO YOU KNOW YOU’VE BEEN HIT BY AN ATTACK?

In most instances, you do not, and your data has already been sold on the black market. Attempts to breach your security hit your systems daily. Some cyber attacks are not successful, but some are. When they are, the consequences can lead to a devastating loss of brand credibility, affecting your clients, shareholders, and other investors.

ARE YOU AWARE OF THE THREATS?

Security breaches have become such a widespread problem that companies experience an increasing number of security incidents that threaten the traditional security information and event management (SIEM) systems in their IT infrastructures.

Yet companies continue to underestimate the scale of the challenge. A March 2014 report by the U.S. Senate [1] concluded that Target, the retail corporation affected by one of the most serious security breaches in 2013, in which 40 million credit card details were stolen, was grossly negligent and missed several tell-tale signs that its systems were being compromised.

The reason behind this is that company executives simply do not have the expertise or the time to monitor whether their online activities are adequately protected. The 2013 PwC survey of US executives [2] found that half of them reported an increase in security breaches.

OUTSOURCING OF YOUR SECURITY

Companies are equipped with various IT systems such as servers, networks, firewalls, and intrusion detection or prevention systems. Commonly, these systems live a life of their own and generate huge amounts of log messages that are never read, let alone analyzed, because it is impossible to operate 24/7, costly to employ teams of security experts, and ineffective to shift this responsibility to in-house staff who focus on normal daily operations.

This situation has given rise to a trend where firms stop relying on in-house expertise. With the growing number of specialist tools to detect used in cyber attacks, companies are now turning to a new trend in cyber security protection: managed security service provider (MSSP).

What is MSSP?

A managed security service provider offers round-the-clock security monitoring and management of intrusion detection systems and firewalls, oversees patch management, performs security assessments and security audits, and handles incident management, including emergency response and forensic analysis.

[1] NBCNews.com. (2014, March 25). Target Missed Many Warning Signs Leading to Breach: Senate Report. Retrieved from http://www.nbcnews.com
[2] PricewaterhouseCoopers LLP. (2014). Adapt to the new realities of cybersecurity. Retrieved from http://www.pwc.com/cybersecurity

Active security monitoring

A managed service that uses a combination of automated analysis and human intelligence to detect security breaches

Logs and events are collected from the client’s devices, then encrypted and transported for a two-level analysis in a Cyber defense center

We provide our clients with relevant and clear information on the threats to their systems

Our service makes sure you are safe and free to focus on your core business while we take care of everything else

1. COLLECTING

A monitoring agent is installed directly on the client’s server. The agent is a piece of software that collects logs and events and sends them to an encryption box.

2. SECURE TRANSPORT

A physical or virtual encryption box is connected to the client’s IT infrastructure. Its purpose is to transport logs securely over the Internet to a Cyber defense center (CDC).

3. ANALYSIS & ACTION

The CDC plays a crucial role in our solution because it is the place where ‘the alarm goes off’ for every suspicious behaviour. In the CDC, logs are analyzed on two levels. The first is automatic analysis, which is continually improving and adapting to the newest trends; the second is manual analysis by our certified IT security specialists operating 24/7.

Based on agreed conditions, specialists contact the customer and report the problem immediately. The serious incident/event is isolated in the CDC. Some customers prefer the full package, including an additional emergency response team. It is the active second level of support, which analyzes the incident in depth, blocks the attacker, stops the spreading, collects all the evidence, and helps with recovery.

BENEFITS

Saving time, money and human resources

Certified and highly skilled personnel, security-cleared to confidential level

Real-time monitoring and round-the-clock (24/7) operation

Immediate response time

Easy-to-read reports to the management on the company’s cyber-security status

Vulnerability management

CDC specifications

Creates the core of our solution

Meets highest security requirements according to ISO 27k

Round-the-clock (24/7) monitoring

Immediate response time

Transparent for the client

Binary Confidence has recruited the best experts in CDC:

Security-cleared personnel to confidential level

Former European Commission crypto security service experts

CISSP® (certified information systems security professional)

CEH (certified ethical hacker)

ITIL®

CCD COE (NATO Cooperative Cyber Defence Centre of Excellence)

About the company

Binary Confidence is a fast-growing managed security services provider founded by professionals with government and private sector experience in combating security breaches, cyber fraud and cyber crime. We provide our clients with remote cyber security monitoring.

Contact us

Binary Confidence s.r.o.
Špitálska 53, 811 01 Bratislava
Slovak Republic

[email protected]

© 2014 Binary Confidence. All Rights reserved