A major African fuel company has gained more cyber risk visibility and security maturity with the deployment of Nview Managed Detection and Response (MDR).
The client, managing offices across Africa and in Europe with a lean, efficient IT team, has deployed Nview and contracted Nclose managed services, to increase its cyber resilience and take the company closer to its goal of proactive cyber risk mitigation.
With a lean, efficient IT team managing much of the company’s security operations, the client sought to mature its security profile and gain more visibility into cyber security risk, to allow for more proactive mitigation measures.
The fuel sector is a particularly high risk industry in terms of cyber crime, with espionage, hacking and targeted phishing attacks increasing dramatically in recent months. The client, seeking to constantly improve its security profile, sought an endpoint detection and response and a managed Security Operations Centre to take the company closer to its goals of enhanced and more proactive security.
Following a rigorous assessment, the fuel company contracted Nclose in 2018 to supply its Nview solution and supply managed serves across the company’s footprint in 26 African countries and offices in Europe. Nview is positioned as more than a solution, but instead as a defence team that integrates with the business, identifies configuration weaknesses, helps in terms of reporting to the board, and provides actionable alerts – providing clear guidance when an alert fires. The selection process was supported by Nclose’s standard model for onboarding customers by conducting an incident response maturity assessment, which happened to coincide with the client’s own incident response policy revision process.
The company selected Nclose based on the service levels the company could offer, as well as the fact that the Nview solution is constantly evolving and maturing. Importantly, the solution and service proved more cost effective than developing a similar capability in-house.
In what was one of Nclose’s largest deployments in terms of geographic area covered, Nview was implemented for over 3,500 users in over 26 countries.
Nclose and the client collaborated closely on the EDR and SOC implementation, which was completed within tight timelines. Exercises were carried out to ensure the MDR response integrated with the client’s incident response; and the partners collaborated closely on very specific alerts and actions that should be performed.
The client’s lean and fast-moving IT teams, who are continually rolling out new projects and maintaining the dispersed infrastructure, are able to depend on Nclose to manage and maintain Nview at a predictable cost, with rapid response and support. Monthly reports measure how effectively Nview protects the organisation against threats, highlighting areas for remediation and giving visibility into the 1% of threats that may have been missed. The company has increased its focus on security by the company, with new board level visibility.
For the fuel company, Nclose’s service is key to the success of the partnership: “We work on short time frames, and we don’t have time to wait. Nclose has always been highly responsive to any queries. For us, the benefit of working with Nclose is that they continue growing both the team and the solution; they have the ability to change, modify and mature the product and their relationship with us.”
Following the success of the first engagement, the client is now moving to partner with Nclose on further managed services as it moves its security strategy forward.
Managed Detection and Response (MDR) is the evolution of the managed Security Operations Centre (SOC) service. Nview is a MDR service which provides advanced threat detection and a key element missing in most traditional SOC’s offerings… the human element. Nview is built and maintained by Nclose with almost a decade of experience in delivering managed security services, security assessment services and consulting services. Combining this experience with a blend of open source and in house written applications has produced a leading edge MDR solution. Traditionally SOCs have relied on vendor supplied use cases or traditional technologies like Antivirus or Web Filtering to detect threats. These traditional inputs often generate false positives or require significant tuning to be truly effective, and this is rarely done proactively. Nview allows clients with stretched security budgets and thinly spread security teams to have a world class SOC, with the latest detection methods being employed.