Security threat
IT is the foundation of the modern workplace. Business operations depend on it and employees expect it to be working smoothly, all of the time, in order for them to carry out their jobs. This is why unauthorised changes to your infrastructure, business systems or website can cause significant disruption.
Unauthorised changes can originate internally or externally, through malicious intent or by accident. Employees with IT privileges may, in an attempt to speed up working practices, inadvertently make changes or upgrades to systems which alter the effectiveness of the security controls in place. In some cases, insiders may deliberately carry out unauthorised changes to cause disruption. External hackers, if successful in breaking through your network perimeter, may tamper with system settings or website coding to make your IT more vulnerable to future attack. Unnoticed, these changes could lead to serious consequences further down the line. Tracking these back and reconciling changes against formal change management processes and systems is crucial in distinguishing accidental changes from those with a more targeted and malicious intent.
Protection against the potential consequences lies in being able to detect any successful or attempted changes that take place within your network, so that you can react in time to limit the impact on your IT infrastructure. But keeping tabs on every action to spot unauthorised access can be a complex and wide-reaching task. That’s where a Security Operations Centre can really help.
How we help
24hr SIEM monitoring and reconciliation helps our SOC team to detect any changes in your network or business systems.
We help you establish user profiles and privileges so that your employees have access only to the business systems they need to carry out their roles, minimising the number of people who have access to any one part of your IT.
With experts on watch around the clock, we provide a quick response to any threats detected before they result in business disruption.
An audit trail linked to user privileges provides employee accountability – helping to trace when unauthorised changes took place and who made them, so the appropriate course of action can be taken.
Intrusion detection and prevention technology (IDS/IPS) flags up and blocks any attempts to breach your perimeter, preventing unauthorised access to your network.
End user trust management delivered as part of our SOC solutions helps protect your business from internal threats, preventing unauthorised access to data and systems.
Our SOC experts use human intellect to contextualise events detected by the security technologies in place in your business, so they can spot anything out of the ordinary.
Our cyber security tools natively integrate with the most widely-used business systems and clouds, and we can also create custom connections for more bespoke services, helping us to keep watch across your complete IT stack.
Benefits
Ongoing monitoring of your IT for unusual activity.
Confidence that changes won’t go unnoticed.
Technology simplifies the task for your IT or security team.
Control over access and user permissions.
Traceability so that changes can be rectified.
Protection against internal and external threats.
Our universe of SOC solutions
Our Managed Services align you with world-class security operations centre (SOC) solutions tailored to your business and budget. Both tech and team work in tandem to solve security challenges, combining intelligent analysis with vigilance and real-time remediation. Proud to deliver affordable, enterprise-grade solutions, we have a SOC for everyone.
Following an initial assessment of your IT environment, needs and budget, we define a suite of bespoke SOC offerings that includes the right balance, number, and combination of solutions to meet your business objectives.
Mars
2 protections
Jupiter
3 protections
Saturn
4 protections
Uranus
5 protections
Neptune
6 protections
Essential
Our entry-level offering, Essential SOC services help your business take the first steps to stronger security. Preventative tech, managed by an expert team, reinforces what you have today.
Professional
Our Professional SOC services take your security to the next level by identifying, investigating and quarantining threats both inside and outside your business.
Enterprise
A bespoke, premium service, our Enterprise level SOC offering delivers proactive cyber threat hunting, analysis, and remediation in real-time. It’s the ultimate in IT protection.
The SOC to fit your need and budget
We don’t believe in a one-size-fits-all approach to security, which is why we offer a wide range of SOC solutions, each tailored to specific business needs and categorised into three options depending on your projected security spend. If you’re looking to defend against unauthorised changes we recommend exploring these options:
What could a breach cost your business?
Our Cyber Incident Calculator is designed to help you understand the financial implications of a breach for your business and support a business justification for your security investment.
Legal practice defends against a ransomware attack
37% of organisations reported a ransomware attack in 2021
58% of businesses attacked paid the ransom
£1.3m average remediation cost in 2021
100% of customers protected with sub second automated defence
21% of IT budgets devoted to cyber security on average
Brendon opens an email attachment from a known client; unfortunately his client’s laptop has been compromised and he opens a document infected with ransomware.
The ransomware starts to encrypt his shared folders, but in a sub-second response his desktop is quarantined by our anti-ransomware system which alerts the SOC team in real-time.
The SOC team notified the client’s IT team and commenced incident response processes. Using their SIEM, they performed root cause analysis, which identified the entry method of the malware (via email). The SOC obtained a copy of the malware for analysis in their malware labs, where they detonated it safely to study its behaviour and identify its spreading mechanism, finding that it was wormable (able to spread across the network on open ports to vulnerable systems). Armed with this knowledge, the SOC guided the IT team during the recovery process to ensure the malware was not persistent and did not reinfect the systems after recovery or reattempt encryption.
Further to the above, the SOC assessed the DLP alarms to identify whether the attacker also attempted to exfiltrate data, and confirmed that no data leakage was detected, allowing the client to report back accordingly to the ICO.
One in 6 of those attacked was hit with a ransom and 58% paid up.
37% of organisations reported a ransomware attack in 2021
The average firm now devotes 21% of its IT budget to cyber security – a jump of 63%
Average remediation cost in 2021 was £1.36M
100% of customers protected with sub second automated defence