Change of direction in IT security: from prevention to improved detection and response

For a long time the consideration of IT security risks in many companies was dominated by the assumption that they themselves did not represent a worthwhile target for attackers and that it was enough to buy the latest security technology, perhaps a new network firewall, every few years. The available resources were typically allocated to the evaluation and purchase of prevention tech common on the market. Nevertheless, or perhaps precisely because of this, the number of cyber attacks and their potential to wreak real damage has risen again and at a faster rate than previously encountered. Threats to businesses’ data and applications have become real and omnipresent. Prevention alone is, de facto, is no longer sufficient as far as security in the digitized economy is concerned. “Businesses are changing their IT security tasks. They are moving away from pure prevention approaches to concentrate more on the detection and response to attacks.”, Gartner forecasted back in Spring 2017. Managed Security Services make it easier for businesses to meet the increasing requirements of the detection and response to security attacks by bringing more control and transparency to IT security with expertise, dashboards and tools. 

Now that phishing, DDoS, ransomware, code injections and innumerable other types of cyber attack have reached what appear to be record levels, it is practically impossible to reliably prevent such assaults with purely preventive measures. The less clumsy types of threats observed have, so I hear, already acquired their own TLA: the security industry calls them APTs, Advanced Persistent Threats.

On average, 8 out of 10 web applications are vulnerable. This is revealed by United Security Providers’ Vulnerability Scan, which offers a free check of websites for weaknesses on behalf of site owners. A free and one-off investigation of the status of a website is certainly not wrong, but at best it provides only an initial examination of the site and urgency. An integrated verification and holistic protection of the applications and services that are mission-critical and/or process data worthy of protection is indispensable. The complex setup of systems of this kind, which thanks to digitization are also increasingly being used over the Internet or operated in the cloud, opens up an ever-increasing target area to attackers. Businesses are seeing increasing probability of occurrence and growing potential extent of the loss arising from associated security risks.

A lack of specialist staff is an additional aggravating factor

“The lack of specialist staff in IT, and in IT security in particular, is a further important driver for the increased demand for Managed Security Services. Sound knowledge in the field of IT security is in short supply and hence is not cheap.”, says Urs Binggeli, head of the Managed Security division at United Security Providers. “Most organizations are short of the knowledge and experience of detection and response strategies in IT security because they previously concentrated on preventive approaches. This is why they are increasingly turning to support from the outside to deal with IT security.”

IT security: from stand-alone solutions to the overall concept with improved transparency and control

In the past, IT security often consisted of a range of numerous isolated solutions which operated independently of one another. Now these solutions are coming closer together. It is good to prevent attacks. It is even better, however, to be able to detect attacks in the first place, then to be able to respond adequately to them and later to check regularly on the effectiveness of the measures you have taken. Central collation, evaluation and presentation of information relevant to security is indispensable for this. Modern IT security demands comprehensive control options and intelligent control mechanisms. The various security systems should interact and communicate with each other. Cockpits and management dashboards, which were previously focussed on corporate management, are now taking their place in information security. Managed Security Services providers and Security Operations Centers, with their comprehensive range of services, are on the pulse and are meeting the need for more transparency and control.

Six benefits of USP Connect®: Cyber security under control

United Security Providers offers its Managed Security Services customers a services library and a real-time overview of the status if their global IT security set-up. With its numerous tools, statistics, analyses and reports, USP Connect® allows you to call up all the important information about the status and performance of the managed security solution at a glance.

1. Overview in real time

The Services dashboard offers a real-time overview of the key performance indicators and status information for all services or individual service subjects (e.g. locations, devices). It allows all stakeholders can keep on top of the status of their outsourced security services at all times.

2. Security dashboard

The Security Dashboard provides an overview of attacks prevented, anomalies detected and the current threat situation. It highlights urgent requirements for action by showing critical security events. Powerful trend analysis and statistical functions create an effective basis for detecting and assessing the relevance of the anomalies detected, such as increasing failed logins, or accesses from geographically unusual regions, and for responding to them accordingly.

3. Digitized Service Management

In addition to these mechanisms for the detection of potential attacks, USP Connect® offers comprehensive service management options. Service requests are processed by a user-friendly ticketing system. The status of open incidents is clear to see, as are requested changes or service extensions. Error-free implementation of changes is ensured by means of specific control views and best-in-class release procedures.

4. Agility and efficiency despite Managed Security: User self service

Managed Security means that the security infrastructure is operated and monitored 24/7 by professionals in a cost-efficient process. Despite this, United Security Providers’ MSS customers do not have to give up on agility: For example, user self-services in USP Connect® provide an option for customers to modify dedicated parts of the configuration themselves. This makes it possible for the customer to perform specific tasks efficiently himself and he is not dependent on MSSP timescale, quite clearly bringing efficiency gains in the implementation of standard changes, for instance.

5. Standard and ad hoc reporting

USP Connect® has comprehensive and reliable reporting options and data analysis tools. The user has a number of pre-defined and configurable analyses available and can download reports simply and without great effort.

6. Well protected and user-friendly

The USP Connect® user interface is intuitive to use and is protected against unauthorised access by multifactor authentication and WAF technology. Users benefit from role-specific views and access rights, and many useful functions, accurate context help, quick navigation, favourites or search functions, for instance. Alongside USP Connect® Managed Security Services customers obviously have open access to skilled and friendly support from an expert at United Security Providers’ Security Operations Center through the classical route of a 24/7 hotline.

Summary

Choosing a Managed Security Services provider is a tried-and-tested way in which a business can quickly improve its capacity to detect and prevent attacks. Thanks to anomaly detection, in the ideal case attacks can be detected and halted in good time before they have any success and are able to cause damage to the company’s network. By choosing a Managed Security Services provider that has a digitized service management platform, IT departments gain more transparency over the actual status of their IT security, are able to make well-founded decisions and have solid arguments for discussions on the strategic development of their IT security strategy.

Join our Webinar and Learn more about our Managed Security Services

Which are the 10 most important requirements that a Managed Security Services Provider has to fullfill? Watch our latest webinar now and learn more.

Watch the webinar now

 

Author Details

Michael Liebi

Michael Liebi

Michael Liebi is CEO at United Security Providers

Leave A Comment?