Companies that are aware of the dangers within the cybersecurity landscape and are looking for the best possible solution to deal with them want a Security Operations Centre (SOC). The main barriers to overcome are often technology, associated processes, and the recruitment of security specialists. SOC-as-a-Service offers solace, but is prohibitively expensive for many companies. Excellium and Tech Data provide a way around this with an accessible solution: XLM360 Foundation.
Companies looking for a SOC solution quickly get an abrupt reality check since there’s a lot involved in rolling out such a service internally. The most difficult factor is finding security professionals to keep the SOC running. In the enterprise market and, for example, in the banking sector, a SOC is a commodity, but for many smaller companies, it seems like an unobtainable dream. However, they also have data that is interesting enough for them to become a victim of hackers.
A Ferrari for the price of a Fiat?
SOC-as-a-Service offers companies extra stability because they don’t have to search for specialists and software themselves. There’s no need to provide for a complex setup or to put sometimes hard-to-find IT security specialists on the payroll. In theory, this can be interesting, but here too, the prices are often far too high. “It’s important for medium to large businesses to have a security solution in-house without making compromises,” says Wim Kretzers, Advanced Managed Services specialist at Tech Data.
“Ultimately, as a customer, you want to have the best security and monitoring. To launch something like this as an affordable solution, you have to make choices. Wanting a Ferrari for the price of a Fiat isn’t possible. Therefore, together with Excellium, we are marketing a lean & mean SOCaaS solution with only the necessary features to protect the predetermined target group from current and future cybersecurity threats.” The result is XLM360 Foundation, a new service that Excellium provides at the request of Tech Data’s partners.
With XLM360 Foundation, Excellium and Tech Data can respond to a growing demand for an affordable SOC solution because every company that works with data is vulnerable today. Tangible examples are the many cyberattacks that paralyse organisations.
“XLM360 Foundation makes detection and reaction capabilities to cyber incidents accessible for every organization,” said Geoffrey Lucas, Sales and Business Manager at Excellium Services.
A SOC ensures that the entire company is optimally secured. The SOC consists of three building blocks: technology, processes, and people. It is the last of these that is currently the biggest challenge. “Just try persuading several security experts to come work in a single enterprise. Good luck with the search,” Kretzers laughs. “Security experts usually seek challenging environments in which to fully utilise their talents. Not every organisation can offer them that, which often makes recruitment difficult.”
In an as-a-Service model, you make it easier for companies because they don’t have to look for specialists themselves. These are gathered together by an external party, guaranteeing optimal service. That’s what Excellium and Tech Data want to offer: that peace of mind that comes from knowing everything is monitored 24/7 by experts.
Everything in a SIEM
Offering a SOCaaS at an interesting price finally makes it feasible for mid-sized companies. Excellium and Tech Data have achieved this by linking a fixed monthly cost to a certain number of data sources and use cases. “Compare it to a subscription to Office 365: adding additional users costs more each month. The same applies to our SOCaaS. The more data sources are accessed, the higher the price,” says Kretzers. “We help companies to determine what their acceptable risk is and to match it with the required IT security budgets.”
XLM360 uses IBM QRadar as its Security Information and Event Management (SIEM) solution. The more data and logs you record, the more expensive the solution becomes. “We have tailored the solution to the most common cybersecurity threats by linking the right data sources to the SIEM. In doing so, we weighed the acceptable risk against the financial picture.” This includes things like an Active Directory or a firewall, and not the customer’s switch or storage solution. “By working within those constraints, we can offer a SOC with an affordable price tag, while maintaining a high quality,” said Kretzers.
Content of the SOC
The minimum contract for a SOCaaS is twelve months. On average, it takes two to four weeks before Excellium has all the information needed to launch XLM360 Foundation. Such a SOC includes a comprehensive audit with an incident preparation plan. Incident response capabilities are determined in advance and best practices are also shared. Furthermore, there are the escalation possibilities to first-, second-, and third-line support.
“An alert is followed by qualification, escalation, and data collection. The customer’s IT operations team receive a notification and can start working on the incident with the remedial documents we provide,” says Kretzers. “When a customer doesn’t have the required skills to work on the solution based on the provided remediation steps, they can always call Excellium’s specialists for help.”
Excellium delivers a monthly monitoring report to the customer and a newsletter with more general information such as existing risks, a summary of hazards, compliance, and other important information. “Our goal with this SOCaaS is to shake up companies that first dismissed a SOC because the solution was too expensive,” says Kretzers. “XLM360 Foundation fills an important gap in the SOC market and finally provides an accessible solution.”
Willem Magerman, Business Unit Manager Transformation at Tech Data, concludes:
“Cybercrime has become the greatest threat to every company in the world, but with XLM360 Foundation we can help more companies than ever before to properly defend themselves.”