One way to describe how it works is by comparing your organization’s network security to that of your home’s.
There are three (3) essential phases of any effective security system – Before, During, and After . Within these three phases, there are three (3) corresponding actions that must happen – Protect, Detect, and Respond .
At home, you have some perimeter controls in place to help deter an intruder. Maybe you have some deadbolt locks, gated entry, and other controls in place to keep bad people out. You have to try and protect your home from invasion.
However, when they get in, you want to know about it. So, you installed an alarm system, a siren, linked it to a central monitoring station, installed surveillance cameras, and other sensors throughout your house. You have to detect the intruder.
Finally, once you know someone made it inside your house, you have to do something about it. You take action by getting your family to a safe room, utilizing a shotgun, a large dog, or an emu. Then, you call the police and alert your list of emergency contacts. By doing something, you reduce the total impact the intruder will create. By doing all three of these things, you reduce the likelihood of a major incident.
AnchorPoint’s Integrated Threat Response service focuses on detection and response. The primary purpose of ITR is to decrease attacker dwell time in your network. It’s improbable to stop them from getting in.
The difference between companies making headlines for being breached and companies making headlines for reaching record stock prices is the amount of time attackers have to make off with their sensitive data.
That’s why AnchorPoint’s Security Analysts hunt for signs of malicious activity 24×7. It takes continuous diligence to protect your customers’ data.
Once a threat is identified, our analysts will eliminate it, or escalate according to SLA.