Spate of cybersecurity breaches encourages companies to seek out advanced security solutions
Recent increases of high level cybersecurity breaches, particularly in financial institutions, has resulted in a surge of interest in system integrator three6five’s cybersecurity offerings.
“Clients are beginning to distinguish between compliance and security and are seeking out methods to verify and validate their security posture. In particular, we have noticed an increase in security consultation requests including security audits, vulnerability and penetration testing services as well as a demand for intelligent security monitoring tools,” says Adam White, team leader of the Cybersecurity division at three6five
The company’s vulnerability assessment evaluates system and network security to identify possible vulnerabilities or areas of exploitation. This assessment can be done to fulfil a requirement for compliance or to test current security policies and procedures. Although the assessment can and should be used to test a system or applications current security posture, the value of the assessments is usually in determining how and why the vulnerabilities initially exist.
“The three6five value-add is in utilising the scan results to determine where policies and procedures are failing or could be improved,” adds White. “These policy and procedure adjustments are actioned and verified again at a later stage by additional scans, resulting in continuous assessments and adjustments to ensure that the intended security profiles match real world results.”
Penetration testing furthers security assessments and is an aggressive approach to testing networks, systems, services and employees. Highly skilled security engineers try to exploit vulnerabilities across a wide range of attack vectors to gain access to client systems to simulate, as accurately as possible, a real-world attack.
“The penetration testing can be performed in a multitude of ways, with specific rules of engagement key to determining the success and overall accuracy of the exercise,” says White. “It can also be used to evaluate the ability of monitoring and security teams to detect and respond to these attacks. “
Intelligent security and behavioural monitoring tools are becoming increasingly popular in helping security teams identify a breach or malicious behaviour inside and outside the network. These products learn behavioural patterns and alert if traffic, hosts or users deviate from this baseline behaviour.
For example, a web developers machine that has been compromised starts connecting to shares, data bases and other systems that it has not contacted before. In addition, data is pulled from these systems in amounts that are uncommon. The tools will identify this abnormal pattern, provide information relating to the event and in some cases provide the ability to quarantine or action a set of remediation procedures.
This reduces the reliance of security analysts and teams to identify breaches and malicious activity, which requires a deep understanding of their environments and networks, and rather allows these teams to concentrate on remediation and containment actions.
three6five has recently bolstered its Cybersecurity division with security experts in its Johannesburg, Cape Town and Durban offices. However, as many of the security products it offers are available remotely, these services can easily be offered to its customers across Africa.
“The basket of products includes standard security items such as email and firewall security, through to more technical offerings such as penetration testing and vulnerability assessments,” says White. “Companies can choose to use the entire suite or select only the items they require.”
Three6five’s offers its security services in two options: Professional Services and Managed Services. Professional Services allows clients to utilise the team of skilled security engineers for ad-hoc or project-based implementations and consulting across their security portfolio. Managed Services provides the company’s clients with the ability to complement their current security team or outsource specific focus technologies by selecting any number of security services within the portfolio.
Services offered include: Consulting, Firewall/UTM/IDS/IPS, web application firewall, identity and access management (IAM), email security, endpoint protection, vulnerability assessment and penetration testing.
“Security is an ongoing process and we encourage our clients to continuously evaluate their policies, implementations and strategies.” says White. “Our security consultants are available to assist clients in identifying what they should be securing as well as the tools and products that should be used to secure it.”