As networks and requirements change, disparate security systems across the IT environment have their own GUI. This creates a significant compliance headache for businesses, making it near impossible to accurately assess compliance adherence across a multitude of interfaces. The result is a fragmented view of compliance that is prone to error. The Exponential‐e CSOC is capable of monitoring for compliance to multiple standards, from best practice through to PCI-DSS and ISO 27001. The very nature of this type of monitoring lifts a heavy burden when adhering to regulations such as GDPR.
It correlates and aggregates information from any device or service across a customer's security estate to provide analysis based on each individual company's priorities through one single 'pane of glass'. By layering analyst capabilities over monitoring services, the CSOC is able to report on:
Jeff Finch, Cyber Security Product Manager, Exponential‐e commented:
"The economy relies on every company having access to robust security services and technologies. Yet in the mid‐market, where firms are evolving fast, sometimes it's simply not possible to skill‐up as they evolve and neither can they leave data security to chance. Their brand and future growth depends on them being able to demonstrate that they take data governance extremely seriously.
"It's this segment of the market where the cyber skills crisis bites hardest, and so they need a partner that they can work with. Equally, they need a more pragmatic pricing model – one that doesn't profit from them for being the victim of an attack. It's like having an old fashioned gas meter and the balance running out just as a cold spell hits. Suddenly in the midst of a breach, the CISO has to go cap‐in‐hand to the board for money. Such an approach leaves companies vulnerable and with little choice but to play fast and loose with their cyber investments, which is not a sustainable model.
Exponential‐e provides a suite of proactive services supported by the CSOC,; all of which will be accessible to all customers. The SLA for reporting an event is one hour; this ensures a dedicated analyst has investigated the incident before it is reported to avoid providing false positives. In addition, communication with clients is always secure. A variety of mechanisms ensure that confidential technical information about the security estate is only revealed to the correct people. During the last 18 months, Exponential‐e has developed a comprehensive range of security services and partnerships, all of which will be integrated into the CSOC.
More details about the Exponential‐e CSOC can be viewed here: https://www.exponential-e.com/csoc