In a move that the company says will disrupt the market, connectivity firm Exponential-e has launched their Cyber Security Operations Centre with a view to making defence in‐depth the default standard for the mid‐market. Jeff Finch, Cyber Security Product Manager at Exponential‐e explains.
Comms Business Magazine (CBM): What is the reasoning behind your investment in the Cyber Security Operations Centre (CSOC)?
Jeff Finch (JF): The company is looking to disrupt the status quo by allowing companies to embed compliance standards within the perimeters of that the CSOC monitors, equipping companies with a real‐time view of their compliance status. In addition, Exponential‐e is calling time on volatile events-per-second and service‐based pricing models, offering an asset‐based pricing model that will allow companies to align the CSOC with their cyber strategy.
As networks and requirements change, disparate security systems across the IT environment have their own GUI. This creates a significant compliance headache for businesses, making it near impossible to accurately assess compliance adherence across a multitude of interfaces.
The result is a fragmented view of compliance that is prone to error. The Exponential‐e CSOC is capable of monitoring for compliance to multiple standards, from best practice through to PCI-DSS and ISO 27001. The very nature of this type of monitoring lifts a heavy burden when adhering to regulations such as GDPR.
CBM: In simple terms how is CSOC able to achieve and deliver this?
JF: It correlates and aggregates information from any device or service across a customer’s security estate to provide analysis based on each individual company’s priorities through one single ‘pane of glass’.
By layering analyst capabilities over monitoring services, the CSOC is able to report on:
- External vulnerabilities – preventing different attack vectors from outside the network
- Threat detection – monitoring the security estate and seeking out threats that have yet to be activated
- Internal vulnerabilities – analysing devices within scope to see how their security posture can be enhanced
- Network intrusion detection – identifying inbound threats and anomalies in network traffic
- Network security monitoring – proactively monitoring for anomalous behaviour spanning applications, networks, systems and data access.
CBM: Why are you targeting mid-market users in particular with CSOC capabilities?
JF: The economy relies on every company having access to robust security services and technologies. Yet in the mid‐market, where firms are evolving fast, sometimes it’s simply not possible to skill‐up as they evolve and neither can they leave data security to chance. Their brand and future growth depends on them being able to demonstrate that they take data governance extremely seriously.
It’s this segment of the market where the cyber skills crisis bites hardest, and so they need a partner that they can work with. Equally, they need a more pragmatic pricing model – one that doesn’t profit from them for being the victim of an attack. It’s like having an old-fashioned gas meter and the balance running out just as a cold spell hits. Suddenly in the midst of a breach, the CISO has to go cap‐in‐hand to the board for money. Such an approach leaves companies vulnerable and with little choice but to play fast and loose with their cyber investments, which is not a sustainable model.
CBM: How does CSOC integrate with your overall security offerings for users?
JF: During the last 18 months, Exponential‐e has developed a comprehensive range of security services and partnerships, all of which will be integrated into the CSOC. Exponential‐e provides a suite of proactive services supported by the CSOC,; all of which will be accessible to all customers.
The SLA for reporting an event is one hour; this ensures a dedicated analyst has investigated the incident before it is reported to avoid providing false positives. In addition, communication with clients is always secure. A variety of mechanisms ensure that confidential technical information about the security estate is only revealed to the correct people.
CBM: How can Exponential-e channel partners participate in the CSOC offering?
JF: The CSOC does apply to the channel and they can offer this as well as the full range of our cyber security services. The systems architecture is multi-tenanted while the platform, monitoring and services are managed by Exponential-e specialists.