Cyber Security by Digital Craftsmen

Digital Craftsmen has a heritage spanning almost twenty years. Long before Public Cloud, Broadband, and Ransomware were even thought of, we’ve been keeping our customers safe through all the changes and developments online.

Today, the commoditisation of online threats in our hyper-connected world means that everyone is at risk from cyber-attack. Local and central government are particularly challenging environments where the drive towards online services must be balanced with the need to secure the personal data of its users, during a period of great upheaval and uncertainty. Budgets are tight, with many headcounts frozen. The risk of an embarrassing, and costly, data breach gets higher all the time, as more and more criminal gangs target ever smaller organisations.

Unfortunately, the skills required to counter these threats can be expensive, and difficult to recruit, even when budgets are available.

We provide a way to access the skills, experience, and technology solutions required to secure a modern online business in a cost-effective way, that enhance the capabilities of your existing IT teams without requiring significant capital expenditure or hiring specialist skills that can be hard to manage.

For us, security is always job number one and it’s been baked into our culture from the very start. Security Mindset – we provide an environment for cyber specialists to thrive which means we can provide you with the necessary skills quickly and efficiently, for as long as you need them. We’ve also partnered with some of the best cyber security software providers to build an eco-system of technology products that allows us to quickly deploy analyse, detection, and control systems into your existing networks for a rapid return on investment.

Secure Foundations

Cyber criminals are already inside your network. That may not be exactly true but it’s no longer sufficient to protect your border and think that the job is done. Now you must design and operate your systems as though the criminals are already there, which means

  • Taking care of patching promptly and efficiently
  • Designing networks to protect key assets
  • Hardening servers to minimise the attack surface, i.e. reducing the ways that criminals can attack your systems
  • Monitoring all aspects of your networks 24x7
     

This is the minimum you should expect from a managed service provider.

Vulnerability Management

Grow beyond a few devices and managing vulnerabilities becomes a major chore. Our vulnerability management service provides a centralised dashboard that identifies the most pressing vulnerabilities that present the highest. Our security team is available to advise on ways to address the issues, and to supplement your own team with resources to update systems to close off these vulnerabilities.

Vulnerability Management is available across Windows, Linux, Mac, & Mobile devices to provide the most comprehensive view of the threat landscape within your organisation.

Intrusion Detection

No matter how well we manage the vulnerabilities, there is always a way for the attackers to find a way in. In a well-managed organisation, monitoring and good backups will reduce the time it takes to identify a breach and mitigate some of the effects of ransomware. For many organisations this will be enough but if you process personal data or transact through the web, this is not enough. We must be proactive in looking for, detecting, and then stopping a breach as it’s happening. Intrusion detection looks for unusual behaviour, and Indicators of Compromise (IoC), across the estate and reports on these when discovered. Intrusion detections includes

  • Antivirus and malware detection with centralised reporting and management
  • Detection of unauthorised file changes
  • Log file analysis to detect unusual behaviour and other IoC
  • Detection of unusual network traffic
  • Detection of unauthorised configuration changes on servers
     

A common criminal tactic in larger organisations is to breach the network but then spend several days or weeks mapping out the system and looking for further weak points and high value targets. Intrusion Detection aims to catch them whilst they’re “laying low”.

Security Operations Centre

Highly regulated businesses, or those that face significant operational, or reputational, damage as a result of a breach need to ensure that they are working the hours that the criminals work, i.e. 24x7. Only very large enterprises can afford a cybersecurity team with sufficient resources and experience to operate 24x7. We help smaller organisations by offering a 24x7 Security Operations Centre that builds on our other services to provide complete peace of mind that whenever the criminals strike, we’re ready to react immediately to close off their attack. Key features of this service include

  • Close coordination with client IT & Security teams
  • 24x7 monitoring for Intrusion Detection
  • Development of incident response playbooks to allow swift response to attacks
  • Day-to-day responsibility for managing the Vulnerability Management and Intrusion Detection services
     

Cyber Security by Digital Craftsmen – peace of mind in a threatening landscape

Twitter

LinkedIn

Facebook

Supplier Profiles