PROTECTING CUSTOMER DATA
Network & Endpoint Threat Detection and Response as a Service
A FTSE 350 fashion retailer recognised the increased threat that a fast changing cyber-security environment posed to its operations and customer data bank, and was no longer satisfied that preventative security controls of its technology and staff alone was sufficient for the protection of its brand from the threat of a data breach.
In addition it is recognised that the ability to identify breaches and determine their impact is a key component of the incoming GDPR regulations (May 2018). As well as placing importance on preserving the confidentiality of patient data in the first instance, the regulation stipulates that in the event of a breach organisations must file a report within 72 hours of identification, and organisations must notify individuals who have had their data compromised within the same 72 hour period. The ability for the client IT department to identify the point of a breach and pinpoint what data might have been compromised when questioned by the Board/customers is recognised as critical therefore and an ability to proactively monitor the environment and the data needed to conduct investigations, is recognised as the only means to meet these new regulations.
The retailer subsequently engages Contour who provide the following capability:
- 24/7 fully managed IDS and SIEM service that enables the client to gain full visibility and control of threats targeting them, whilst allowing the in-house IT team to focus on their business output and service to the staff and their clients.
- Utilisation of global threat intelligence feeds, to improve detection rates and enable proactive monitoring against the latest threats relevant to their sector.
- A rapid detection of abnormal endpoint behaviour, which includes delivery of precise response actions and isolation of incident regardless of VPN connectivity
- Breach incident management, notification and reporting.
- Regularly vulnerability assessments to identify weaknesses and prioritise patching.
- Capability to provide on-site Threat Detection and Incident Response when needed.
- An ability to demonstrate customers and clients the measures being undertaken to protect their data.