Take a guess at how many days it takes the average company to detect a cyber breach? Would you believe that it sits around the 214 day mark? That’s over 7 months where your data, your assets are at the hands of cyber criminals. Not to mention, once that attack has been spotted it can take a considerable amount of further days for that breach to be contained. By that point your business could have suffered irreparable damage, both from financial and personal data loss.
Nettitude Threat Intelligence
Threat intelligence is at the heart of all Nettitude’s services – understanding who you are defending against and how they will attack you is crucial. An assurance exercise, such as a red team or penetration test, will give you the insight to see where the flaws are in your cyber security posture and strategy. It will, in essence, highlight the problem.
The Nettitude Information Security Consultants will then look at ways you can solve the problem and the gaps in your strategy. However, this isn’t enough. Knowing and expecting to be breached is the first stage, but building an effective monitoring and detection capability is essential in delivering a robust response to the problem.
Organizations should be looking at building a Security Operations Center (SOC) with strong detection and response capabilities. It is important to remember that it’s not if your organization will suffer a cyber breach, but when it will happen.
CREST, CBEST and STAR
There are a number of drivers within the cyber security industry that are paving the way for a more structured, proactive and reactive future. Nettitude is accredited to deliver threat intelligence led assurance testing (such as CBEST), and has been certified for infrastructure, application and wireless penetration testing as well as a team of consultants that have been active contributors to the STAR and the CBEST programmes. In spring GDPR will be coming into force. Up until now it has just been a guidance, however it will become regulation, meaning financial penalties will await organizations that don’t take the necessary steps to protect and report on cyber-attacks.
ThreatDetectors and ThreatReceivers
To help build an effective SOC, Nettitude has developed the Threat2Alert platform. It’s a unique product that allows us to capture, analyze and manage log data through a next generation SIEM (LogRhythm), as well as having a network appliance for traffic capture and analysis (ThreatDetector), customer honeypots (ThreatReceivers) and access to the Nettitude global honeypot intelligence network. ThreatReceivers, or honeytraps, can be placed into your network to capture data on cyber-attacks as they happen. This isn’t all the platform can do, read more about Threat2Alert or contact the Nettitude team to find out more.
Have you thought about purple teaming?
How do you know your SOC is effective?
Nettitude have developed a SOC Maturity Model and in depth approach to SOC consultancy and purple teaming. The latter takes offensive red team activities and uses them in a collaborative and open book approach with your blue team (SOC) in order to build capability and assurance of detection and response actions.
Once the need to mature and improve your SOC is understood, purple teaming will provides an accelerated assurance activity that delivers more value to your organization quickly. Find out more about purple teaming today.
How Nettitude can help
Building a successful SOC (either in house or as part of a managed service) is an important part of the cyber security plan for your organization. Want out find out more? Simply fill in the form below and one of our consultants will be in touch.