Clicky

Netic protects your IT security around the clock

Discover and stop cyberattacks. Fast, effective and simple.

With Netic Managed Detection & Response, you get a full team of Danish security specialists, who actively keep an eye on your IT security around the clock and stop cyberattacks, before they harm your company.

Need help to discover and stop cyberattacks?  Contact us

An IT security team you can trust

Netic is built around openness and honesty. We need to be able to trust each other, and you are welcome to breathe over our shoulders. You get access to our SOAR (Security Orchestration, Automation and Response) system IBM Resilient, in order for you to always have an overview of current attacks and see who is handling them.

We make use of various best practice use cases, based on ISO 27001 and CIS20-controller, which makes it possible to fast and easily obtain a high maturity level. These can be supplemented with extra use cases targeted to your specific needs. One of the largest benefits of collaborating with Netic is that our comprehension goes beyond security. You get access to a large team of experts within both applications operations and software development – as part of the Trifork-concern, we have more than 800 colleagues’ knowledge to draw on.

In other words: We both understand your infrastructure and your applications; thus, we can protect you better and stop potential attacks.

Our services Cases

What you get with Netic Managed Detection & Response

Effective defense team to discover and stop cyberattacks

A broad team of highly qualified specialists

IT security around the clock without large set-up and operating costs

Danish SOC with Danish specialists – your data will not leave Denmark

Handling of incidents from your existing security solutions

Full transparency in our collaboration

Safe from governance of operations for optimization

Netic can help you in all phases of your work with your IT security. By going through our recommended model of cybersecurity step for step, we will help you reaching the right level of security, getting a systematic process for your IT security and finding the right balance between risk willingness and budget. The process is iterative, so when you have been through the circle, you are not done, instead you can go back to step 1, and improve each single step, while making your security more robust.

Netic's Cyber Protection Activity Plan

Establish governance and organisation

Establish governance and organisation

Start by understanding key business drivers
and obtaining senior management support
for a robust cyber security programme.
This is followed by establishing roles and
responsibilities, agreeing your strategy,
developing policies and standards, and enabling
reporting.

Identify what matters most

Identify what matters most

Map business objectives/products/services to
supporting people, processes, technology and
data infrastructure, and rank by criticality to your
business. This includes the ecosystem/supply
chain which you operate within, both 3rd parties
who supply you and those that you supply.

Understand the threats

Understand the threats

Understand who might want to attack you, why,
and how they might go about carrying out such
an attack in order to allow you to focus your
efforts on how to respond to the most likely
threats.

Define your risk appetite

Define your risk appetite

Start to understand what the most likely
cyberattacks could cost your business through
simplified cyber risk quantification coupled
with a cyber risk management framework,
which forms part of your overall operational risk
management processes. This includes setting
your risk appetite and reporting mechanisms to
ensure you operate within it.

Focus on education and awareness

Focus on education and awareness

Establish an education and awareness
programme, ensuring all of your employees,
contractors and third parties can identify a
cyberattack and are aware of the role they play in
defending your business against threat actors.

Implement basic protections

Implement basic protections

Secure your business at the technology level
by deploying basic protections including secure
configuration, patch management, firewalls,
anti-malware, removable media controls,
remote access controls, and encryption.
Establish a Vulnerability Management (VM)
programme which manages vulnerabilities from
identification through to remediation. Establish
an effective Identity and Access Management
(IAM) programme to control access to your
information. Focus on data protection and
privacy (technical and compliance) as well as
managing third parties who have access to/
control of your data.

Be able to detect and attack

Be able to detect and attack

Establish a security monitoring capability
which can detect an attack through monitoring
activity at various levels within your business.
Depending on your industry and available
resources, this could be a basic system whereby
an alert is generated and emailed when
suspicious activity is detected on a firewall,
through to a 24*7*365 Security Operations
Centre monitoring networks, operating systems,
applications and end users.

Be prepared to react

Step content title

Establish a formal cyber incident management
team who have been trained in and are following
a documented plan, which is tested at least
annually.

Adopt a risk-based approach to resilience

Adopt a risk-based approach to resilience

Establish recovery plans (including
comprehensive backups) for all processes
and supporting technologies in line with their
criticality to the survival of the business.

Implement additional automated protections

Implement additional automated protections

Start to mature existing capabilities (e.g.
automate VM and IAM processes using specialist
technology), in addition to implementing
complimentary capabilities/technologies such
as Intrusion Prevention Systems (IPS), Intrusion
Detection Systems (IDS), Web Application
Firewalls (WAF) and Data Loss Prevention (DLP)
systems.

Challenge and test regularly

Challenge and test regularly

Carry out a cyber incident simulation exercise
to test your executive management’s ability
to manage the response to a significant
cyberattack. Carry out an initial red team
exercise (essentially a planned attack, carried
out by professional ethical hackers) to test
your technical ability to detect and respond to
sophisticated attacks.

Create a cyber risk management lifecycle

Create a cyber risk management lifecycle

Reflect on all areas of your cyber risk
management programme and identify areas
for ongoing improvement, repeating risk
assessments on a regular basis, and considering
compliance with relevant regulations.

Netic's Cyber Protection Activity Plan

Netic's Cyber Protection Activity Plan

Establish governance and organisation

Establish governance and organisation

Start by understanding key business drivers
and obtaining senior management support
for a robust cyber security programme.
This is followed by establishing roles and
responsibilities, agreeing your strategy,
developing policies and standards, and enabling
reporting.

Identify what matters most

Identify what matters most

Map business objectives/products/services to
supporting people, processes, technology and
data infrastructure, and rank by criticality to your
business. This includes the ecosystem/supply
chain which you operate within, both 3rd parties
who supply you and those that you supply.

Understand the threats

Understand the threats

Understand who might want to attack you, why,
and how they might go about carrying out such
an attack in order to allow you to focus your
efforts on how to respond to the most likely
threats.

Define your risk appetite

Define your risk appetite

Start to understand what the most likely
cyberattacks could cost your business through
simplified cyber risk quantification coupled
with a cyber risk management framework,
which forms part of your overall operational risk
management processes. This includes setting
your risk appetite and reporting mechanisms to
ensure you operate within it.

Focus on education and awareness

Focus on education and awareness

Establish an education and awareness
programme, ensuring all of your employees,
contractors and third parties can identify a
cyberattack and are aware of the role they play in
defending your business against threat actors.

Implement basic protections

Implement basic protections

Secure your business at the technology level
by deploying basic protections including secure
configuration, patch management, firewalls,
anti-malware, removable media controls,
remote access controls, and encryption.
Establish a Vulnerability Management (VM)
programme which manages vulnerabilities from
identification through to remediation. Establish
an effective Identity and Access Management
(IAM) programme to control access to your
information. Focus on data protection and
privacy (technical and compliance) as well as
managing third parties who have access to/
control of your data.

Be able to detect and attack

Be able to detect and attack

Establish a security monitoring capability
which can detect an attack through monitoring
activity at various levels within your business.
Depending on your industry and available
resources, this could be a basic system whereby
an alert is generated and emailed when
suspicious activity is detected on a firewall,
through to a 24*7*365 Security Operations
Centre monitoring networks, operating systems,
applications and end users.

Be prepared to react

Step content title

Establish a formal cyber incident management
team who have been trained in and are following
a documented plan, which is tested at least
annually.

Adopt a risk-based approach to resilience

Adopt a risk-based approach to resilience

Establish recovery plans (including
comprehensive backups) for all processes
and supporting technologies in line with their
criticality to the survival of the business.

Implement additional automated protections

Implement additional automated protections

Start to mature existing capabilities (e.g.
automate VM and IAM processes using specialist
technology), in addition to implementing
complimentary capabilities/technologies such
as Intrusion Prevention Systems (IPS), Intrusion
Detection Systems (IDS), Web Application
Firewalls (WAF) and Data Loss Prevention (DLP)
systems.

Challenge and test regularly

Challenge and test regularly

Carry out a cyber incident simulation exercise
to test your executive management’s ability
to manage the response to a significant
cyberattack. Carry out an initial red team
exercise (essentially a planned attack, carried
out by professional ethical hackers) to test
your technical ability to detect and respond to
sophisticated attacks.

Create a cyber risk management lifecycle

Create a cyber risk management lifecycle

Reflect on all areas of your cyber risk
management programme and identify areas
for ongoing improvement, repeating risk
assessments on a regular basis, and considering
compliance with relevant regulations.

Get smarter - Detection & Response

Whitepaper: How to discover and stop threats in time

Get the best possible overview

This whitepaper gives you an overview of your security set-up, which gets you in eye level with your enemy. Du get smarter within these areas:

  • The reality of cybercrime and its constant development
  • The importance of a correct data foundation as well as processes and playbooks
  • The many opportunities, that Machine Learning and Artificial Intelligence holds – an important weapon in the fight against cybercrime
  • IBMs SOAR (Security Orchestration, Automation and Response): Resilient

Download your whitepaper here

How Netic Managed Detection & Response works

Netic Managed Detection & Response is based on several well-known detection tools, which we combine with your existing systems.

Alarms and incidents from these tools are managed by our 24/7 Security Operations Center (SOC), and we ensure – by use of our best practice use cases – that these incidents are attended to in a quick and effective way.

Both our SOC and detection tools are continuously provided with data from international intelligence platforms such as MISP and IMB X-Force, enabling us to be prepared for new threats.

Intelligence

  • MISP
  • X-force
  • Watson

Implement additional automated protections

Start to mature existing capabilities (e.g.
automate VM and IAM processes using specialist
technology), in addition to implementing
complimentary capabilities/technologies such
as Intrusion Prevention Systems (IPS), Intrusion
Detection Systems (IDS), Web Application
Firewalls (WAF) and Data Loss Prevention (DLP)
systems.

24/7 SOC

Security operation center

Implement additional automated protections

Start to mature existing capabilities (e.g.
automate VM and IAM processes using specialist
technology), in addition to implementing
complimentary capabilities/technologies such
as Intrusion Prevention Systems (IPS), Intrusion
Detection Systems (IDS), Web Application
Firewalls (WAF) and Data Loss Prevention (DLP)
systems.

SOAR

Security Orchestration, Automation & Response

Implement additional automated protections

Start to mature existing capabilities (e.g.
automate VM and IAM processes using specialist
technology), in addition to implementing
complimentary capabilities/technologies such
as Intrusion Prevention Systems (IPS), Intrusion
Detection Systems (IDS), Web Application
Firewalls (WAF) and Data Loss Prevention (DLP)
systems.

DUCL

Digital Use Case Library

Implement additional automated protections

Start to mature existing capabilities (e.g.
automate VM and IAM processes using specialist
technology), in addition to implementing
complimentary capabilities/technologies such
as Intrusion Prevention Systems (IPS), Intrusion
Detection Systems (IDS), Web Application
Firewalls (WAF) and Data Loss Prevention (DLP)
systems.

Alarms, Indicators, Incidents

Implement additional automated protections

Start to mature existing capabilities (e.g.
automate VM and IAM processes using specialist
technology), in addition to implementing
complimentary capabilities/technologies such
as Intrusion Prevention Systems (IPS), Intrusion
Detection Systems (IDS), Web Application
Firewalls (WAF) and Data Loss Prevention (DLP)
systems.

Detection

SIEM

Security Incident Event Management

Implement additional automated protections

Start to mature existing capabilities (e.g.
automate VM and IAM processes using specialist
technology), in addition to implementing
complimentary capabilities/technologies such
as Intrusion Prevention Systems (IPS), Intrusion
Detection Systems (IDS), Web Application
Firewalls (WAF) and Data Loss Prevention (DLP)
systems.

LM

Log Management

Implement additional automated protections

Start to mature existing capabilities (e.g.
automate VM and IAM processes using specialist
technology), in addition to implementing
complimentary capabilities/technologies such
as Intrusion Prevention Systems (IPS), Intrusion
Detection Systems (IDS), Web Application
Firewalls (WAF) and Data Loss Prevention (DLP)
systems.

EDR

Endpoint Detection & Response

Implement additional automated protections

Start to mature existing capabilities (e.g.
automate VM and IAM processes using specialist
technology), in addition to implementing
complimentary capabilities/technologies such
as Intrusion Prevention Systems (IPS), Intrusion
Detection Systems (IDS), Web Application
Firewalls (WAF) and Data Loss Prevention (DLP)
systems.

VSPT

Vulnerability Scan Penetration Test

Implement additional automated protections

Start to mature existing capabilities (e.g.
automate VM and IAM processes using specialist
technology), in addition to implementing
complimentary capabilities/technologies such
as Intrusion Prevention Systems (IPS), Intrusion
Detection Systems (IDS), Web Application
Firewalls (WAF) and Data Loss Prevention (DLP)
systems.

IDS

Intrusion Detection System

Implement additional automated protections

Start to mature existing capabilities (e.g.
automate VM and IAM processes using specialist
technology), in addition to implementing
complimentary capabilities/technologies such
as Intrusion Prevention Systems (IPS), Intrusion
Detection Systems (IDS), Web Application
Firewalls (WAF) and Data Loss Prevention (DLP)
systems.

DLP

Data Loss Prevention

Implement additional automated protections

Start to mature existing capabilities (e.g.
automate VM and IAM processes using specialist
technology), in addition to implementing
complimentary capabilities/technologies such
as Intrusion Prevention Systems (IPS), Intrusion
Detection Systems (IDS), Web Application
Firewalls (WAF) and Data Loss Prevention (DLP)
systems.

Customer Systems

Implement additional automated protections

Start to mature existing capabilities (e.g.
automate VM and IAM processes using specialist
technology), in addition to implementing
complimentary capabilities/technologies such
as Intrusion Prevention Systems (IPS), Intrusion
Detection Systems (IDS), Web Application
Firewalls (WAF) and Data Loss Prevention (DLP)
systems.

Have a talk with us

If you would like to know more about Netic Managed Detection and Response, please fill out the form and Mick will give you a call.