A next-generation security operations centre (SOC) launched by AVeS Cyber Security brings sophisticated managed cyber security solutions within reach of companies of all sizes, including smaller businesses with limited resources.

“Companies are seeking drastic measures to become more cost-efficient in a severely constrained economy without compromising their security,” says Charl Ueckermann, CEO of AVeS Cyber Security. “The launch of the Next-Generation SOC significantly lowers the cost of cyber security while allowing companies to tap into the very best skills, tools and services, which were previously only available to companies with substantial capital budgets. With our Next-Generation SOC, we are doing ‘business as unusual’; there are no upfront setup costs and companies only pay for what they use.”

The latest version of the Next-Generation SOC is a fully managed platform for monitoring, managing, and proactively maintaining cyber security environments. Giving companies access to higher levels of productivity efficiency than before, the Next-Generation SOC integrates predictive, machine learning-enabled cyber security tools that are aligned with international best practices. And, upskilling of IT staff and continuous upgrading of systems can be maintained without any additional costs.

The Next-Generation SOC gives companies access to actionable intelligence with comprehensive visibility of security-type logs, without sharing confidential customer information. The Next-Generation SOC is built on several cutting-edge technologies to monitor companies’ cyber environments, integrating with almost any application and system.

It can proactively monitor critical firewall event logs; firewalls’ uptime; endpoints’ security; critical server system logs; email security and global threat feeds on behalf of subscribing clients. These logs are ingested into the Next-Generation SOC toolsets, and a highly-specialised team of security experts oversee and respond to the security alerts generated by the system.

“The Next-Generation SOCTM delivers in-depth tracking and analysis of the genuine and constantly increasing number of cyber-related threats to which companies are exposed every day,” says Ueckermann. “Many companies do not have the skills and resources in-house to analyse network traffic, malware, firewall health, and global threat feeds. Not only are these skills expensive to retain, but they are also in short supply.

“You have to eat, sleep and breathe cyber security to understand it, proactively manage it, as well as pre-empt and mitigate the risks. Offered as a fully managed service, the Next-Generation SOC eliminates the need for onsite SOC infrastructure and in-house cyber security analysts, both of which can be prohibitively expensive for small and medium-sized companies to recruit and manage.

“Our Next-Generation SOC model is based on three standards of best practice; COBIT 2019, the NIST Cybersecurity Framework and the SANS Cyber Incident Management Framework. So it is not simply about remote security monitoring and alerts, but also active incident response. Our team of highly-qualified and experienced security specialists working alongside leading technologies underpinning the Next-Generation SOC are a powerful combination,” he adds.

Furthermore, capital expenses that were previously required to gain access to SOC infrastructure are now eliminated. SOC tools, such as log collectors, are installed on a client’s network in the areas where log ingestion is needed. Secure site-to-site VPN will also be configured for remote dashboards and alerts into the Next-Generation SOC.

Pricing for services is based on the amount of data (logs) (GB) consumed per day. Companies get around the clock monitoring, threat analyses, monthly risk profile reports, cyber incident response and a dedicated dashboard. Although software-as-a-service and the outsourcing of cyber security are not new, Ueckermann says the concept of consumption-based managed security services is emerging throughout Africa.

“Fixed licences and service level agreements can be a burden because companies pay for the same amount of services, software and capacity that they do not need every month. Upfront annual costs and fixed agreements can also place the outsourcing of cyber services out of grasp for smaller businesses, especially for those with long business cycles, project-driven organisations or cash-strapped businesses. It is time for a change. With a consumption-based structure, companies of all shapes and sizes have the opportunity to outsource cyber risk cost-effectively,” concludes Ueckermann.