Technology Record - Issue 26: Autumn 2022

technology with our human experts to deliver continuous protection for our customers’ assets,” says Velleca. “Somewhat uniquely, CyberProof’s platform offers full visibility into all the activities being carried out by our analysts, as well as a record of all security alerts and incidents, so cybersecurity is no longer a black box for organisations. Now, they can see exactly what happens in their security solution when it receives an alert, allowing them to play an active role in protecting their business.”

CyberProof’s solutions have already helped multiple clients to protect their critical assets against potentially catastrophic cyberattacks. Velleca cites a project with one of the world’s largest insurance firms as a notable example. “The organisation provides a centralised service to more than 200 divisions, all of which operate as separate companies that are based in multiple countries around the world,” he says. “It wanted to ensure compliance with various financial services and data management regulations, and find a way to manage and report cyber risk across the business.

“We replaced years of legacy detection rules and playbooks with Microsoft Sentinel SIEM and developed a federated model so cybersecurity can be managed centrally, but each separate division can report on its own regulatory compliance and cyber risks.”

To develop the federated model, CyberProof carried out a significant amount of data ingestion work and deployed a data lake. “We parsed, aggregated, filtered and tagged the data, taking only the higher value data into the Microsoft Sentinel SIEM to run it against the detection rules,” says Velleca. “This vastly reduced the amount of data going into the SIEM, expediting threat detection and cutting costs, while creating a much better structure for data hunting.” The results were impressive.
“This was one of the first commercial deployments of Microsoft Sentinel SIEM, so we were innovating under fire, but both CyberProof and our client are delighted with the outcome,” says Velleca. “Our solutions reduced the total cost of ownership by more than 25 per cent and cut the time it took to process a forensic data query from days to around 20 seconds, so everything is now done in near-real time. We created next-generation security architecture that will protect our client for years to come. It has now become our reference architecture for other customers too.”

Velleca expects collaborations like this to become more common as the network of connected devices grows. “Businesses will be dealing with massive amounts of data, which will require them to automate threat triage processes, design better capabilities for parsing and optimising data, develop better detection rules, and build and automate improved playbooks,” he says. “Most organisations don’t have the necessary skill set in-house, so they’ll need the help of experts that have the knowledge and expertise to identify and resolve their current cybersecurity challenges, and future-proof their business to ensure continued protection against evolving cyberthreats.

“Collaboration will certainly be the key to success in the future cybersecurity landscape, and CyberProof is well-equipped to help in the fight against cybercrime.”
