INCLUDED IN OUR PACKAGE:
Network / System audit / review
Network security monitor
(onsite or hosted by BeCyberSure)
Advice and support with encryption, BYOD/CYOD and remote access governance, processes and procedures
24/7 incident response team
Assistance with threat and risk assessment
Structured pen-testing program
Dedicated account manager
Regular ‘Cyber Security’ intelligence report
Assistance with information security governance, policy, procedures, protocols and practise
NETWORK SECURITY MONITOR
COLLECT, CORRELATE AND REPORT ALL DATA TYPES ON ONE, SINGLE SYSTEM
We offer our subscribers a network security monitor that leverages a completely new database architecture to deliver the most flexible monitoring system available on the market today.
This award winning solution will collect, correlate and report on all data types within a single system. It enables the subscriber to monitor security, performance, vulnerability, availability, asset and much, much more. The network security monitor can be installed onsite or monitored on behalf of the subscriber by BeCyberSure.
Monitoring systems tend not to be able to handle data from different data sources, mainly because they are usually designed to work on relational databases. This seriously limits their capabilities and leaves them having to manage and update firmware, OS and applications on supported devices. A troublesome exercise which usually requires manual intervention or the use of ad hoc scripts, both of which add considerable cost. For these reasons, many don’t bother.
The variety of potential attack vectors and actors grow exponentially and is now beyond the point where sufficient intelligence can be gathered from log data alone and a SOC needs more than just a SIEM system to deliver the level of situational awareness and forensic analysis needed in current threat environments. In order to analyse the cause (log or SIEM) and the effect (availability and performance) and the event specifics (config, asset, flow and file) of a security event, operators need maximum configurability and this just isn’t possible using multiple systems.
The solution we offer combines a unique database architecture and a ubiquitous data collector which provides functionality across multiple monitored products in a single configurable system, enabling:
- Collection of any data from any device on the network
- Cross-database correlation
- Creation and editing of tabs, dashboards and charts
- Built-in incident management systems
- Forensic analysis at rapid speed
- Comprehensive and customisable reports
GATHER AND MANAGE ALL EVIDENCE OF COMPLIANCE IN A SINGLE SYSTEM
A work-flow based product which allows users to track manual and technical controls in the same system. It gathers and manages all of the information in such a way that you can successfully track attestations, evidence and technical audit data across all policies.
Compliance is an increasing burden for all businesses. For larger businesses it can become an expensive chore. For smaller businesses, it can quickly become a barrier to entry. The solutions currently available tend to be “control-based”, that is to comply with a series of control criteria which are set by whoever set the standard.
The challenge is frequently to understand exactly the language used to describe the ‘Controls’ and then to determine what evidence is required to prove compliance to an auditor. Frequently, there is a necessity to manage more than one compliance regime and more than one auditor.
Our solution is based on an intuitive, customisable, portal-based system which can either be installed on-site or hosted by BeCyberSure. Multiple contributors, including external third-party supply chain correspondents, can log in to answer questions and upload evidence. In addition a data collector can audit devices automatically for technical controls. This enables collection for:
- Attestations – answer questions and upload physical evidence
- Assessment – questionnaires and surveys
- Auditing – of devices to capture date for technical control
This service will automate approximately 50% of most compliance monitoring processes, saving users considerable time, effort and money.
Security on a system which includes direct participation from third-party suppliers is paramount. For this reason, all key functionality is linked to role-based access control so that segregation of contributors is assured. All data is 256-bit AES encrypted and has application layer protection.
THE CYBER THREAT IS INCREASING
The risk of cyber-based crime is high and escalating
ARE YOU READY?
As many as 8 out of every 10 unprepared enterprises which fall victim to a series cyber-breach will go out of business in following months.
Breaches tend to be hidden behind a wall of secrecy, Globally, hundreds of thousands of successful attacks are hidden this way. The few we hear of are the top of a very big iceberg. Usually these involve ‘negligence’ where the banks have been able to decline liability. There are many more which also stay secret because ‘negligent’ victims don’t want a repetitional hit too. But compulsory notification of breaches is coming to a law near you. Soon. And being found guilty of non-compliance / negligence is going to become, both professionally and financially, very expensive indeed.
Information Security (cyber) defences can only defend against known threats. They cannot, by definition, protect us from attacks which we know nothing; so called ‘Zero Day’ vulnerabilities. Criminals have access to Zero Day exploits and, be assured, they are using them.
We must, therefore, assume that at some stage our defences will be breached. We must be ready.