Before moving on from my previous role, I commissioned Threat Hunting from Capgemini. Why? A sense of responsibility. I wanted to make sure I wasn’t leaving behind any hidden threats or data that had already been compromised. Cyber-attacks are serious business. And protecting customer records was high on our agenda.
I was the Chief Information Security Officer (CISO). We had hundreds of customers, and it was extremely difficult to detect threats internally, and we were often too late. I’d already put some fundamental measures in place, but I was still concerned. I wanted to make sure, as a cyber-attack could hurt a lot of our customers personally and materially. It could punch a hole in our future profitability, too. Not to mention the damage to our reputation!
Cyber-attacks were getting more sophisticated and more frequent. Big names like Yahoo and Tesco Bank were being attacked. The board was nervous. My impending departure from the company didn’t help either.
So, I met with my Capgemini consultant. I wanted to know more about their new Threat Hunting service, which I’d heard about while they were implementing our Identity and Access-as-a-Service (IDaaS) and Security Operations Center (SOC).
He told me that the service was about unifying in-depth human analysis with automated threat data processing. While SOCs look for the lateral movement and the exfiltration of data, Threat Hunting sets out to hunt down the malicious activity your security controls have failed to detect, or that was there before the SOC was put in place. The key word here is ‘Hunting.’
Without disclosing any details on the outcome, for obvious reasons, the service revealed that some unknown vulnerabilities had been exploited, fortunately without serious consequences. We were able to rectify the problem before our data was compromised. Essentially, Threat Hunting brings a proactive element to more traditional reactive cyber-breach detection tools.
It’s a crucial difference.
So here I am at my new placement with a new company, which I think would benefit from Capgemini Threat Hunting too. And my former colleagues? With effective cybersecurity in place, they can live without me now. So they say…
Check out Threat Hunting from Capgemini here. And think proactive.