Accelerating your law firm’s response to cyber threats · cyber-attacks? Managed Detection and...
cts.co.uk
Accelerating your law firm’s response to cyber threats
Managed Detection and Response Whitepaper
60% of UK law firms have experienced a cyber-attack in the last year and, in the absence of a silver bullet, effective information security now relies on the ability to address issues before they become problematic.
Does your firm have the capability to detect and respond to cyber-attacks?
Managed Detection and Response (MDR) integrates the dedicated experts, technology and intelligence needed to eliminate the latest threat actors that evade traditional IT defences.
In this whitepaper, we explore how this service enables your firm to achieve high-quality, proactive cyber security for an affordable monthly subscription.
Contents
- The six security challenges your firm needs to address
- How Managed Detection and Response mitigates your cyber security risk
- Benefits of dedicated threat detection and response
- The growing cost of setting up your own 24/7 cyber security operations centre
- Achieve advanced threat protection with an affordable MDR solution
Why proactive threat detection is vital
THE SIX SECURITY CHALLENGES YOUR FIRM NEEDS TO ADDRESS
In a growing and increasingly hostile digital landscape, having the capability to rapidly detect and respond to threats has become imperative.
191 days. The average time it takes businesses to detect a breach.
£2.7 million. The average cost of a breach.
€20 million or 4% of global turnover. The maximum fine for a data breach under GDPR.
The six security challenges your firm needs to address
Did you know? Nearly two thirds of breaches involve hacking.
1. The attack surface is growing
Business growth, changes to network infrastructure and the rise of Big Data mean that every firm’s security posture is continually evolving.
Despite offering a variety of cost savings and productivity benefits, new technologies and trends such as cloud computing, IoT and BYOD are not without their risks and widen the surface through which cybercriminals are able to attack.
The task of managing and maintaining new technologies alongside legacy systems only complicates the problem and helps to tip the odds further in attackers’ favour. Hackers need to find only one flaw whereas your firm needs to protect against them all.
2. Criminals are stealthier than ever
In order to evade your defences, the tools developed and deployed by cybercriminals continue to grow in sophistication and are more widely accessible than ever.
Despite offering a base level of protection, traditional preventative security such as firewalls, web filtering, email filtering and anti-virus are ineffective at stopping persistent human assailants that are capable of thinking outside of the box to utilise unknown exploits.
3. Security technology is costly and high maintenance
Protecting your firm against the latest cyber threats demands a range of technologies to prevent and gain visibility of malicious activity across your IT environment.
Purchasing all requisite technology outright can create a significant budgetary black hole, which may mean that you are forced to compromise on vital solutions. What’s more, with so many products competing for your money, surveying the market to choose the best available can be a minefield. Plus, there’s the added risk that some may quickly become obsolete.
Deploying, configuring, maintaining and monitoring the latest prevention, detection and deception technologies can be heavily time- and resource-intensive, particularly if specialist security skills are in short supply. Many security systems generate a high volume of alerts that require investigation and amongst all the noise it’s easy for your personnel to get buried.
To safeguard against evolving threats, possessing an in-depth understanding of how attackers operate is now essential.
4. Compliance demands are increasing
The importance of data security means that regulators are taking an increasingly hardline stance against firms that fail to introduce appropriate measures to prevent and respond to attacks.
The General Data Protection Regulation (GDPR) is one such piece of legislation that aims to improve and unify the way that firms operating within the EU process personal data and report cyber breaches – with a large fine of up to 4% of global annual turnover for non-compliance.
MDR supports law firms in meeting vital compliance standards such as ISO 27001 and Cyber Essentials PLUS - a key requirement to achieve LEXCEL accreditation.
5. There is a severe shortage of security talent
A global security skills crisis means that it is difficult and expensive for your firm to hire and retain the dedicated experts needed to assist with security strategy and handle day-to-day operations.
While utilising the skills of IT personnel may help in the short term, IT and security are becoming increasingly separate functions with competing priorities.
A mature level of cyber security can only be achieved with qualified experts that know how criminals operate, including the hacking techniques they employ, and utilise this knowledge to monitor and respond to threats.
6. Setting up your own CSOC is resource-intensive
Developing the advanced capability needed to detect and respond to threats, as well as keeping it operational outside regular working hours, can consume an even greater proportion of the IT budget.
If your firm lacks specialist security skills and resources, a fully equipped Cyber Security Operations Centre, complete with 24/7 security experts, can be unattainable.
66% of UK companies lack the cyber security workers to meet their needs.
In a week, the average organisation receives 17,000 malware alerts: 19% or less are reliable. 4% are investigated due to limited resources.
How Managed Detection and Response mitigates your cyber security risk
Our Managed Detection and Response solution is designed to address the evolving challenges of cyber security. Supplying experienced CSOC experts, the latest detection, deception and incident response technologies, and up-to-the-minute intelligence for an affordable monthly subscription, MDR provides an advanced level of defence by hunting for, rapidly detecting and aiding remediation of threats.
Supplying the complete capability to respond swiftly to threats
Professionals
Qualified security analysts, engineers and incident responders.
Proactive threat hunting, monitoring and investigation.
Providing remediation guidance and incident response capabilities.
Technology
Deployment, management and configuration of all technologies included as part of the service:
- SIEM
- Intrusion Detection
- Vulnerability Assessment
- Behavioural Monitoring
- Security Analytics
- Endpoint Protection
Intelligence
An extensive range of global threat intelligence feeds.
Custom research and forensics to inform defensive actions and custom rulesets capable of detecting unknown threats.
Benefits of dedicated threat detection and response
Relying on a specialist security service that works closely alongside your firm’s in-house teams to detect and respond to threats has many advantages.
10 Reasons to choose a security expert
Quickly determine if your firm is under attack and the level of risk posed
Receive actionable intelligence and the noise-free outputs needed to identify genuine attacks
Significantly improve your mean threat detection and response times
Avoid the time-consuming and complex task of monitoring network event logs
Benefit from experienced security professionals, trained to identify the latest threats
Proactively identify threats with 24/7 threat hunting, monitoring and investigation
Treat security as an operating, rather than a capital, expense
Leverage fully integrated incident response capabilities
Stay protected with the latest detection technologies, optimised for best results
Avoid investment in disparate technology platforms that can quickly become obsolete
[Figure: average time to detect and respond to threats (months, weeks, days, hours, minutes) against level of threat detection and response capability (low to high)]
Significantly improve incident response
Reduce the time it takes to detect attacks from months to minutes.
Comply with the GDPR
Adhere to new breach reporting standards
The General Data Protection Regulation (GDPR) is one of the most wide-ranging pieces of EU legislation passed in recent memory.
Its aim is to standardise data protection law across the single market and give individuals greater control over how their personal information is used.
Requirements of the GDPR satisfied by MDR:
• Ensuring that personal data is processed in a manner which ensures that it is protected against unauthorised or unlawful processing and against accidental loss, destruction or damage (Article 5).
• Testing, assessing and evaluating the effectiveness of technical and organisational measures for ensuring the security of data processing (Article 32).
• Implementing robust procedures to detect and investigate personal data breaches as well as report them within 72 hours to a relevant authority, and, in high-risk cases, to affected individuals (Article 33).
The growing cost of setting up your own 24/7 cyber security operations centre
The total cost of ownership of in-house resources dedicated to proactive threat detection and response means that setting up a CSOC to perform these vital functions is simply not a viable option for many firms.
Outsourcing security needs to a specialist provider offering end-to-end incident management capabilities for an affordable monthly subscription enables your firm to achieve enterprise-grade cyber security at a fraction of the price of equivalent in-house investment.
With MDR you don’t need to worry about:
Employing specialist security experts
Hiring the appropriate people needed to run your cyber operation is perhaps the costliest component of any in-house security investment. Once recruitment fees, space and equipment costs, bonuses and ongoing training are factored in, the actual cost of employing a security professional may be over 50% greater than the budgeted salary.
Purchasing specialist technology outright
Acquiring the infrastructure needed to contain and remediate threats can be a huge expense. In addition to servers, PCs and back-end systems, your firm will require a wide range of specialist security technologies. The cost of associated maintenance, support and configuration means that the total expense can be several times greater than any initial outlay.
Setting up dedicated premises
Setting up a secure and resilient facility that is set apart from the rest of your firm and equipped for disaster recovery can also be cost-prohibitive. Additional resources that need to be considered include power, ventilation and fire suppression.
Meeting 24/7 staffing requirements
To provide 24/7/365 coverage, your firm would require three sets of staff to cover three eight-hour shifts. Once management costs and backup coverage for employee time off are factored in, even a small company would need a minimum of five full-time specialist security workers. That’s at least £432,000 per annum.
Building threat intelligence
Obtaining the high-grade intelligence needed to improve your firm’s cyber awareness and inform defence actions can only be achieved with extensive investment in a wide range of threat intelligence feeds and in-house research.
Achieving CSOC certification
To certify the effectiveness of your operation, compliance with recognised information security and CSOC standards is vital. Such standards can be difficult and time-consuming to achieve, requiring the implementation of robust policies and procedures.
Achieve advanced threat protection with an affordable MDR solution
Defending against the latest advanced threats is a complex and resource-intensive task that requires firms to adopt a proactive rather than reactive approach to security.
For firms that lack, or cannot afford to invest in, in-house expertise and resources, MDR breaks the mould of a traditional security service to provide specialist incident monitoring and response capabilities, including all essential outputs, for an affordable monthly subscription.
With the GDPR now firmly in place, it is critical that firms ensure that appropriate controls are in place to address the latest security challenges and minimise the risk of suffering a serious data breach.
Achieve enterprise-grade security protection at a price that can be less expensive than hiring just one additional IT engineer.
Head Office: 7450 Daresbury Park, Daresbury, Cheshire, WA4 4BS
London Office: 88 Wood Street, 10th-11th Floor, London, EC2V 7RS
0345 872 4400
www.cts.co.uk