The McAfee Focus 16 event is one of the biggest security events in the world, bringing together more than 3,500 security experts, vendors, and customers in Las Vegas, Nevada. McAfee is a key partner of ours, so when we were invited (as the only speakers from Australia) to talk about the work we do with our customers through our SOC, we were happy to oblige. Here is a quick recap of the topics we covered in our presentation.
Kinetic IT has a long record of delivering security to government, police and corporate customers as part of the onsite IT managed services we provide.
Shortcomings in typical IT environments
We found that the available solutions were missing the mark with some real shortcomings in their approach. For example:
- Incorrect Focus: Vendors were selling prevention products which were of limited effectiveness and didn’t improve their detection and response capability when new threats arose.
- Too Resource Intensive: Each technology or solution a customer bought increased the number of IT security professionals they required.
- Lack of Alignment: Off-the-shelf solutions took a one-size-fits-all approach, treating all customers the same regardless of size, business risk or onsite strategy.
We recognised that “more of the same” was not going to be enough, so we took a different approach and partnered with McAfee Security to establish our SOC, with a pretty unique approach.
Adaptable and efficient service design
By focusing on our customers’ particular risk profile, architecture, policies and processes, we designed a service that is both adaptable to their risks and based on an efficient, repeatable design.
- Risks: With clarity around the customer’s business risks, we can easily work back to which use cases will provide the most value.
- Architecture: Customer architecture diagrams and general principles help us with configuration. Knowing the difference in syntax between an administrator’s account and a normal account can significantly reduce false positives and get us to the real value a lot sooner.
- Policies: The customer’s security policies help to shape the monitoring. For example, if a customer uses Dropbox as their corporate cloud storage then it’s far easier to monitor other services for potential unauthorised data exchanges.
- Process: Most of our customers have existing processes, and by understanding these we’re able to integrate seamlessly within the four-week onboarding period, using anything from emails all the way to Service Desk toolset integration.
One of the key elements that Intel Security wanted to share with their customers was how successful the Kinetic IT approach has been. A few of the many examples we were able to share included:
- Ransomware: Complete reduction in successful ransomware incidents, even when missed by the leading email security appliances.
- Automation: The ability to automate responses to common threats, freeing the onsite team to focus on higher value tasks and removing the ‘noise’.
- Value: The ability to maximise the value of our customers’ existing security investments and ensure rapid return on any new investment.
- Visibility: Driving security awareness through true visibility of our customers’ environment.
If you are interested in hearing more about our approach, or understanding how Kinetic IT can ease your security burden, please contact us.