ARTICLE

MANAGED SECURITY SERVICESa

JOIN THE WINNING TEAM

GET ON THE FRONT FOOTWITH FUTURE-PROOFING YOUR CYBER SECURITY

ADAPTINGTO A NEW CYBER ENVIRONMENT

In today’s business environment, organisations are becoming digital by default. Almost every

department is using cloud-based solutions so now the IT security challenge lies in gaining a

company-wide perspective on potential vulnerabilities.

Loose security in just one business department can have

repercussions for the entire organisation, resulting in IT’s

responsibilities being stretched to the limit. As the scope and

sophistication of cyber attacks evolves, businesses must be able to

act fast. Rapid response relies on collecting and making sense of

intelligence from across all systems and applications, no matter what

function is using them.

Adapting to a new cyber environment

A lot of IT managers fear that a major incident will occur on their

watch. Even if the breach is outside of their supervision, they know it’s

their team that must lead the incident response and ultimately have to

explain the situation to the board.

As new services and solutions are adopted, it’s becoming less feasible

for a single department to bear the responsibility for monitoring all IT

usage. While existing security tools will likely pick up the more overt

threats, such as malware or ransomware, it’s often the subtler threats

like a breach of personal or financial data that can have the biggest

impact. It could be the case that IT only finds out about a data or IP

breach once it’s in the public domain. This poses not only reputational

risks, but could also have serious legal ramifications, especially with

the GDPR now in force.

There’s compelling evidence that IT departments typically don’t

feel well enough equipped to guard their IT estate round-the-clock.

Research from EY1 found that 75% of IT security professionals rate the

maturity of their vulnerability identification as very low to moderate.

48% didn’t have a security operations centre (SOC) in place, and

only 12% felt confident in their ability to detect a sophisticated cyber

attack. Gaining the breadth and depth of insight to effectively secure

the organisation is not simply a technology issue, but part of a larger

resource issue many organisations are facing.¹Cybersecurity regained: preparing to face cyber attacks Report by EY

ARTICLE

MANAGED SECURITY SERVICES

PAGE 02

aa

“It’s often the subtler threats like a

breach of personal or financial data

that can have the biggest impact.”

Dealing with internal challenges

Ideally, IT managers would be able to take a longer-term perspective

on their organisation’s security. It’s well acknowledged that IT is

fundamental to the future of the organisation, so being able to look

strategically at how security can grow in sync with the business’

ambitions over the next two to three years is vitally important. In reality,

pressing day-to-day demands usually take central focus, making

forward planning a luxury most IT managers don’t have.

Maintaining robust IT security is far from a static task. For many compa-

nies, even if there’s consensus on the importance of security, they

still lack sufficient internal security skills and experience. Investing in

the latest security products alone just isn’t enough. These products

are often complex so training is required to operate them effectively.

Furthermore, the pace at which the security landscape is evolving

places an informational strain on IT managers. They have to keep up

with security developments and undergo training on how to deal with

new threats, while still maintaining day-to-day IT responsibilities.

The fight for sufficient budget to cover security initiatives also presents

a challenge. Budget holders often don’t fully appreciate the risk until

the threat is real, therefore getting sign off on the funds to fulfil all

internal technological and personnel needs may not be easy. This

often means that the IT department finds itself overextended trying

to cover all bases.

Embracing infrastructure change

For many IT teams, the process of developing a future-proof security

strategy is taking place against a backdrop of infrastructure changes.

In the past, IT security considerations have largely been confined to

on-premises data centres protected by well-fortified firewalls. As

more organisations move at pace towards hybrid and multi-cloud

environments, which bring a new set of data management challenges,

their entire approach towards data security must be re-evaluated.

To address this change, IT security must be viewed as a holistic

concept so it can effectively integrate evolving infrastructure with

the latest security products. Our partner NetApp does this with Data

Fabric2, an architecture and set of data services that integrates data

management across cloud and on-premises environments. These

services allow for enhanced visibility, access, control, protection and

security of all the organisation’s data, wherever it may reside.² https://www.netapp.com/us/info/what-is-data-fabric.aspx

A 360-degree threat perspective

To reinforce the company’s ability to identify and act on a potential

cyber attack, IT needs to gain a comprehensive and integrated view

of their threat intelligence. This begins by acknowledging that IT

security is a 24/7 job. Hackers want to catch companies who are on

the backfoot but many organisations simply don’t have the IT resource

available to look through logs and detect abnormalities day and night.

Companies are generally doing well at protecting their assets when it

comes to basics such as firewalls, anti-virus scanning and intelligence

products. The issue is that these products operate as islands - they

don’t ‘talk’ to each other or bring all intelligence into a place where it

paints a full picture of the organisation’s security landscape.

The human element is crucial for integrating solutions and turning intel

into insight. Attack patterns may not be obvious, and so businesses

need to have people who can combine different log systems to

identify patterns and detect threats. Doing this requires extensive

experience and skills which are impossible to acquire overnight.

75%48%

12%

of IT security professionals rate thematurity of their vulnerability

identification as very low to moderate.

of IT security professionalsdoesn’t have a security operations

centre (SOC) in place.

of IT security professionals felt confident in their ability to detect a

sophisticated cyber attack. Bas

ed

on

re

sear

ch f

rom

EY

PAGE 03

ARTICLE

MANAGED SECURITY SERVICES

PAGE 04

aa

“With Proact you have instant access

to a 24/7 virtual security team to

enhance your internal capabilities.”

PAGE 05

The strategic value of managed services

Introducing managed services provides you with an enhanced level of resource with which to reinforce

your security approach. Working with a partner like Proact, you can have instant access to a 24/7 virtual

security team to enhance your internal capabilities. Our managed security services give you the instant

benefit of our vast experience in business and cyber security. Assembling the right team of experts and

implementing premium technology could take a typical IT department several years. With Proact, our

team of security experts is already in place, meaning your security operations can get up-and-running

immediately. By presenting the cost savings of a managed services approach, our customers typically

find it easier to secure funding from senior stakeholders. You can take advantage of our scale and will

avoid the risks associated with investing a lot of money to build your own solution that wouldn’t see a

positive ROI for years. Plus we can design and build services and solutions for you, which means you

can spend your time concentrating on business-critical projects.

vSOC advantage

Becoming a Proact partner gives you the opportunity to benefit from

our vSOC service, which adds a protective layer to your organisation’s

defences. We work closely with your in-house team to detect things

you normally wouldn’t pick up in your own environment. Based on

years of experience, our team can identify potential issues - maybe

there’s no obvious threat picked up in logs, but abnormal patterns or

activity suggest something that needs addressed.

Our team identifies threats and helps you build your response. We

can show you which assets are being attacked and what actions you

need to take, helping you stay alert to threats regardless of where and

when they emerge.

To future-proof your business, it’s important to realise that you can’t

do everything alone. Working together, we can offer the skills and

expertise to take your security approach to the next level, providing

you with all the support you need to get on the front-foot and address

vulnerabilities proactively.

“Assembling the right team of

experts and implementing premium

technology could take a typical IT

department several years.”

DELIVERING BUSINESS AGILITY SINCE 1994

MORE ABOUT PROACT

CONTACT US

Follow us on social media

c

Proact is Europe’s leading independent data centre and cloud

services provider. By delivering flexible, accessible and secure IT

solutions and services, we help companies and authorities reduce

risk and costs, whilst increasing agility, productivity and efficiency.

We’ve completed over 5,000 successful projects around the world,

have more than 3,500 customers and currently manage in excess

of 100 petabytes of information in the cloud. We employ over 800

people in 15 countries across Europe and North America. Founded

in 1994, our parent company, Proact IT Group AB (publ), was listed

on Nasdaq Stockholm in 1999 (under the symbol PACT).

Proact IT

PO Box 1205

SE-164 28 Kista

Sweden

Telephone +46 8 410 666 00

Email info@proact.eu

For further information about Proact’s activities please visit us at

www.proact.eu