Companies and the public sector are slowly beginning to realise that there is no 100% protection against cyber-attacks, and the European Data Protection Regulation’s obligation to report security incidents within 72 hours is driving the message home.
New approaches which focus on attack detection and subsequent reactions are becoming more and more important. This includes the Cyber Defence Centre concept—a highly specialised team, available 24/7, responsible for detecting and reacting to attacks.
The technical cornerstone of a Cyber Defence Centre these days is a SIEM system (Security Information & Event Management). SIEM systems collect and correlate the log information of all kinds of IT systems and alert users to security-relevant events. The only requirement is that a use case is defined for these security-relevant events.
Bechtle supports its customers in setting up a Cyber Defence Centre with SIEM systems, but that’s not all. Using a combination of forensic tools and machine learning, it’s possible to do away with a SIEM system that relies on use cases, enabling attack detection without any manual effort and thus saving an immense amount of resources.
Cybercrime and defence also includes comprehensive vulnerability management, both from within the internal network and via external checks.
Today’s IT environments not only include standard systems, but also an increasing number of dynamic ones. Companies are increasingly relying on virtual systems or cloud-based solutions that can be deployed quickly and as needed. These solutions can be dynamically assigned to networks and IT infrastructures and removed again just as easily. Standard quarterly, monthly or even weekly scanning is therefore no longer enough to guarantee the necessary visibility of vulnerabilities.
Organisations need modern solutions that offer a variety of ways to identify vulnerabilities in dynamic assets. They also have to provide clear recommendations on how to prioritise and deal with vulnerabilities while simultaneously being adaptable to the organisation’s different needs.
For this reason, Bechtle offers its customers Black Box and White Box penetration tests, during which known and unknown areas in a company’s network are cyclically and dynamically checked for vulnerabilities and then evaluated.
Bechtle also offers a service that checks for business-critical information circulating on the internet and on the dark net. Both are searched specifically for company-specific and critical data, and the customer is informed if anything is found.
As an additional component of the Cybercrime and Defence offer, Bechtle checks passwords and accounts using privileged user management solutions, with all application and system passwords checked and changed cyclically. These changes are documented and managed for audit using appropriate modules, ensuring that relevant compliance requirements are taken into consideration.