Clicky

Netic holder hånden under din it-sikkerhed døgnet rundt

Opdag og stop cyberangreb. Hurtigt, effektivt og enkelt.

Med Netic Managed Detection & Response får du et stort hold danske sikkerhedsspecialister, som aktivt holder øje med din it-sikkerhed døgnet rundt og effektivt stopper cyberangreb, før de skader din virksomhed.

Brug for hjælp til opdage og stoppe trusler?   Kontakt os

Et sikkerhedsteam, du kan se i øjnene

Netic bygger på åbenhed og ærlighed. Vi skal kunne se hinanden i øjnene, og du må gerne kigge os over skulderen.  

Du får adgang til vores SOAR (Security Orchestration, Automation and Response) system IBM Resilient, så du altid har overblik over aktuelle angreb, og hvem der håndterer dem.

Vi benytter et sæt best practice use cases baseret på ISO 27001 og CIS20-kontroller, som gør det let og hurtigt at nå et højt modenhedsniveau. Disse kan suppleres med ekstra use cases målrettet til jeres specifikke behov.

En af de store fordele ved at samarbejde med Netic er, at vi har forstand på andet og mere end sikkerhed. Du får adgang til et meget stort hold af eksperter inden for både applikationsdrift og softwareudvikling – som en del af Trifork-koncernen, har vi mere end 800 kollegers viden at trække på.

Med andre ord: Vi forstår både din infrastruktur og dine applikationer, og derfor kan vi bedre beskytte dig og stoppe angreb.

Vores ydelserCases

Det får du med Netic Managed Detection & Response

Effektivt beredskab til at opdage og stoppe cyberangreb

Et bredt hold af højt kvalificerede specialister

It-sikkerhed døgnet rundt uden store etablerings- og driftsomkostninger

Dansk SOC med danske specialister - dine data forlader ikke landet

Håndtering af incidents fra jeres eksisterende sikkerhedsløsninger

Fuld transparens i samarbejdet

Sikkert fra governance over drift til optimering

Netic kan hjælpe dig i alle faser af dit arbejde med jeres it-sikkerhed. Ved at gennemgå vores anbefalede model for cybersikkerhed trin for trin, hjælper vi jer med at ramme det rette sikkerhedsniveau, få en systematisk proces for jeres it-sikkerhed og finde den rigtige balance mellem risikovillighed og budget. Processen er iterativ, så når du er rundt, er du ikke færdig, men kan starte fra trin 1, og forbedre hvert enkelt trin, samtidig med at du gør jeres sikkerhed mere robust.

Netic's Cyber Protection Activity Plan

Establish governance and organisation

Establish governance and organisation

Start by understanding key business drivers
and obtaining senior management support
for a robust cyber security programme.
This is followed by establishing roles and
responsibilities, agreeing your strategy,
developing policies and standards, and enabling
reporting.

Identify what matters most

Identify what matters most

Map business objectives/products/services to
supporting people, processes, technology and
data infrastructure, and rank by criticality to your
business. This includes the ecosystem/supply
chain which you operate within, both 3rd parties
who supply you and those that you supply.

Understand the threats

Understand the threats

Understand who might want to attack you, why,
and how they might go about carrying out such
an attack in order to allow you to focus your
efforts on how to respond to the most likely
threats.

Define your risk appetite

Define your risk appetite

Start to understand what the most likely
cyberattacks could cost your business through
simplified cyber risk quantification coupled
with a cyber risk management framework,
which forms part of your overall operational risk
management processes. This includes setting
your risk appetite and reporting mechanisms to
ensure you operate within it.

Focus on education and awareness

Focus on education and awareness

Establish an education and awareness
programme, ensuring all of your employees,
contractors and third parties can identify a
cyberattack and are aware of the role they play in
defending your business against threat actors.

Implement basic protections

Implement basic protections

Secure your business at the technology level
by deploying basic protections including secure
configuration, patch management, firewalls,
anti-malware, removable media controls,
remote access controls, and encryption.
Establish a Vulnerability Management (VM)
programme which manages vulnerabilities from
identification through to remediation. Establish
an effective Identity and Access Management
(IAM) programme to control access to your
information. Focus on data protection and
privacy (technical and compliance) as well as
managing third parties who have access to/
control of your data.

Be able to detect and attack

Be able to detect and attack

Establish a security monitoring capability
which can detect an attack through monitoring
activity at various levels within your business.
Depending on your industry and available
resources, this could be a basic system whereby
an alert is generated and emailed when
suspicious activity is detected on a firewall,
through to a 24*7*365 Security Operations
Centre monitoring networks, operating systems,
applications and end users.

Be prepared to react

Step content title

Establish a formal cyber incident management
team who have been trained in and are following
a documented plan, which is tested at least
annually.

Adopt a risk-based approach to resilience

Adopt a risk-based approach to resilience

Establish recovery plans (including
comprehensive backups) for all processes
and supporting technologies in line with their
criticality to the survival of the business.

Implement additional automated protections

Implement additional automated protections

Start to mature existing capabilities (e.g.
automate VM and IAM processes using specialist
technology), in addition to implementing
complimentary capabilities/technologies such
as Intrusion Prevention Systems (IPS), Intrusion
Detection Systems (IDS), Web Application
Firewalls (WAF) and Data Loss Prevention (DLP)
systems.

Challenge and test regularly

Challenge and test regularly

Carry out a cyber incident simulation exercise
to test your executive management’s ability
to manage the response to a significant
cyberattack. Carry out an initial red team
exercise (essentially a planned attack, carried
out by professional ethical hackers) to test
your technical ability to detect and respond to
sophisticated attacks.

Create a cyber risk management lifecycle

Create a cyber risk management lifecycle

Reflect on all areas of your cyber risk
management programme and identify areas
for ongoing improvement, repeating risk
assessments on a regular basis, and considering
compliance with relevant regulations.

Netic's Cyber Protection Activity Plan

Establish governance and organisation

Establish governance and organisation

Start by understanding key business drivers
and obtaining senior management support
for a robust cyber security programme.
This is followed by establishing roles and
responsibilities, agreeing your strategy,
developing policies and standards, and enabling
reporting.

Identify what matters most

Identify what matters most

Map business objectives/products/services to
supporting people, processes, technology and
data infrastructure, and rank by criticality to your
business. This includes the ecosystem/supply
chain which you operate within, both 3rd parties
who supply you and those that you supply.

Understand the threats

Understand the threats

Understand who might want to attack you, why,
and how they might go about carrying out such
an attack in order to allow you to focus your
efforts on how to respond to the most likely
threats.

Define your risk appetite

Define your risk appetite

Start to understand what the most likely
cyberattacks could cost your business through
simplified cyber risk quantification coupled
with a cyber risk management framework,
which forms part of your overall operational risk
management processes. This includes setting
your risk appetite and reporting mechanisms to
ensure you operate within it.

Focus on education and awareness

Focus on education and awareness

Establish an education and awareness
programme, ensuring all of your employees,
contractors and third parties can identify a
cyberattack and are aware of the role they play in
defending your business against threat actors.

Implement basic protections

Implement basic protections

Secure your business at the technology level
by deploying basic protections including secure
configuration, patch management, firewalls,
anti-malware, removable media controls,
remote access controls, and encryption.
Establish a Vulnerability Management (VM)
programme which manages vulnerabilities from
identification through to remediation. Establish
an effective Identity and Access Management
(IAM) programme to control access to your
information. Focus on data protection and
privacy (technical and compliance) as well as
managing third parties who have access to/
control of your data.

Be able to detect and attack

Be able to detect and attack

Establish a security monitoring capability
which can detect an attack through monitoring
activity at various levels within your business.
Depending on your industry and available
resources, this could be a basic system whereby
an alert is generated and emailed when
suspicious activity is detected on a firewall,
through to a 24*7*365 Security Operations
Centre monitoring networks, operating systems,
applications and end users.

Be prepared to react

Step content title

Establish a formal cyber incident management
team who have been trained in and are following
a documented plan, which is tested at least
annually.

Adopt a risk-based approach to resilience

Adopt a risk-based approach to resilience

Establish recovery plans (including
comprehensive backups) for all processes
and supporting technologies in line with their
criticality to the survival of the business.

Implement additional automated protections

Implement additional automated protections

Start to mature existing capabilities (e.g.
automate VM and IAM processes using specialist
technology), in addition to implementing
complimentary capabilities/technologies such
as Intrusion Prevention Systems (IPS), Intrusion
Detection Systems (IDS), Web Application
Firewalls (WAF) and Data Loss Prevention (DLP)
systems.

Challenge and test regularly

Challenge and test regularly

Carry out a cyber incident simulation exercise
to test your executive management’s ability
to manage the response to a significant
cyberattack. Carry out an initial red team
exercise (essentially a planned attack, carried
out by professional ethical hackers) to test
your technical ability to detect and respond to
sophisticated attacks.

Create a cyber risk management lifecycle

Create a cyber risk management lifecycle

Reflect on all areas of your cyber risk
management programme and identify areas
for ongoing improvement, repeating risk
assessments on a regular basis, and considering
compliance with relevant regulations.

Bliv klogere - Detection & Response

Whitepaper: Sådan kan du opdage og stoppe trusler i tide

Få det bedst mulige overblik

Dette whitepaper giver dig det overblik over dit sikkerhedssetup, der gør dig i stand til at være i øjenhøjde med fjenden. Du bliver bl.a. klogere på:

  • Cyberkriminalitetens virkelighed og konstante udvikling
  • Vigtigheden af et korrekt datagrundlag samt processer og playbooks
  • De mange muligheder, som Machine Learning og Artificial Intelligence rummer – et vigtigt våben i kampen mod cyberkriminalitet
  • IBMs SOAR (Security Orchestration, Automation and Response): Resilient

Download dit whitepaper her

Aalborg Universitet

Sikkerhedsmasterplan har ført til fortsat samarbejde

I januar 2019 udkom Rigsrevisionen med en rapport, der kritiserede forældede IT-standarder på flere danske universiteter og fokuserede ikke mindst på mangler indenfor cybersikkerhed. Aalborg Universitet var i samarbejde med Netic  kommet kritikpunkterne i forkøbet og havde blandt andet allerede færdiggjort en ny sikkerhedsmasterplan.

Læs casen

Få en snak med os

Udfyld formularen, hvis du vil høre mere om Netic Managed Detection and Response, så ringer Mick dig op for en snak om dine muligheder.