Why Cybersecurity Matters for Distributed Enterprises
Distributed enterprises such as hospitality chains, F&B shops, retailers, utility networks, hospitals, government institutions, and banks have multiple branches or locations, both regionally and globally. Many of these enterprises often use only localised security services to protect against cyberattacks allowing for multiple “doors” of entry across distributed property sites from cybercriminals.
And it’s not just the businesses that are under attack. Many companies have valuable databases that contain sensitive customer information such as names, addresses, mobile numbers, email addresses, credit information, and much more. Whether it is a phishing attack, or ransomware, or some other nefarious method, cybercriminals stole $6.9 Billion in 2021, using various methods to break into remote workplaces. (1)
Mid-size companies are the most vulnerable. In a recent breach in April of 2022, The Works, a discount stationery and books retailer, was forced to close many of its 500+ stores across the UK after hackers targeted the retailers’ tills and deliveries (2). The ransomware attacks involved locking store staff out of their system and demanding money. To this day The Works is still unaware of both how and who perpetrated the attacks.
In the most recent Cyber Security Breaches Survey, the UK Government has reported that across all business sizes, 39% reported cyberattacks in the past year alone. Of that figure, mid-sized firms suffered the highest rate with 59% experiencing a cyber-attack. (3). The inference being that SMEs have a higher risk of being targeted because they don’t have proper security protocols in place and awareness within management is not proportionately prioritised as it is for larger firms.
The most common threat vector are phishing attempts at 83%. More sophisticated attacks such as a malware, denial of service, or ransomware attack were reported at 21%. Most organisations cited ransomware as being the biggest threat (4).
The Solution
Hughes provides a centralised solution, using software and hardware technology to protect all your business assets and data across your ENTIRE distributed network and physical locations both regionally and globally. This will allow you to defend your business no matter where it goes or how complex it grows, with cybersecurity designed for the highly distributed enterprise.
Our core position on cybersecurity is that a vulnerability anywhere is a risk everywhere. At Hughes, we deliver managed cybersecurity designed to defend everywhere our clients go and every way their network grows.
SIEM & SOC, what’s the difference?
SIEM stands for Security Incident Event Management and is different from SOC, as it is a system that collects, and analyses aggregated log data. SOC stands for Security Operations Centre and consists of people, processes and technology designed to deal with security events picked up from the SIEM log analysis.
The Hughes Europe SOC services encompass 24 / 7 SOC monitoring, reports, alerts and central core elements for collection and storage of logs that provide the physical underlay basis for the service, but also including planning, configuration, management, troubleshooting, ticketing, remedial and customer portal.
The service is an extensive product set that includes all the required components for a comprehensive SOC service based on the main security service elements prediction, prevention, detection, and response.
The 24/7 SOC has full secure access to the log collection and storage environment, access to other components in the network is not required. We then configure, tune, filter, and refine alert rules, reports, dashboards, and analytics based on the customers environment and priorities on an ongoing basis. Incident response procedures and the customer’s specific operational runbook frameworks cover when, why, who, and how the EventTracker SOC analysts should escalate incidents and remediation recommendations to the customers attention.
SOC services attributes:
- Vulnerability management
- Threat intelligence
- Application control
- Endpoint protection
- Threat hunting
- Reduced false positives
- Security and Information and Event Management (SIEM)
- Intrusion detection
- Behavior analysis
- Automation
- Incident response
- Forensic investigation
Hughes delivers managed cybersecurity services tailored to defend highly distributed enterprises no matter where their business goes or how complex it grows. We also secure all transport type highly distributed organizations depend on, including satellite and cellular, as well as every cloud and every edge, to leave no gap undefended.
As such, we plug the gaps traditional cybersecurity vendors do not. We make sense of the complex array of underlay and overlay, service providers, and public, private and hybrid clouds and enable cyber certainty for each businesses’ unique needs. Because at Hughes, we understand complex distributed networks can’t be left to cookie-cutter cybersecurity.
Our mission is to provide unparalleled 24/7/365 managed SOC/SIEM and personalised support to enable big ambitions without big budgets. With cybersecurity expertise derived from decades of managing the largest retail, QSR, hospitality and other highly distributed enterprises, we enable business of any existing size to grow without boundaries.
For more information about how Hughes Europe can help to deliver network availability and resilience, and support in the delivery of digital transformation objectives, please get in touch.
If you have any questions related to this article, please contact Mark Farish at [email protected]