FAQ
Answers to some of the most important cybersecurity questions.
Why do we need co-managed security like Secuvant™ if we already have a security team?
Many companies do not have dedicated security staff; instead, security duties are split among system administrators, network administrators, and others. Using Secuvant™ ensures there are dedicated security people, such as security analysts who hunt threats and monitor alerts and logs, and security engineers who fine-tune and support the service.
How does Secuvant's co-managed security model work?
A co-managed model defines a partnership in which you send Secuvant™ the logs from your servers, firewalls, and other system devices for monitoring, threat triage, and analysis. We’ll be your ‘eyes on glass’ and you’ll be our ‘hands on devices’: Secuvant™ will not have any access to your systems, but will work with you and your team to identify threats and provide mitigation recommendations.
What type of support and corroboration of service and events does Secuvant™ provide during an audit?
During a compliance audit, you will be asked to provide evidence of centralized logging and monitoring, length of log storage (e.g., 1 year), evidence of event and monitoring actions (tickets, mitigation steps performed), etc. Secuvant™, as your co-managed partner, will provide screenshots, SIEM reports, sample alert tickets, and other supporting evidence for your audit. We are always willing and able to join a call or meeting in progress with your compliance team.
What type and frequency of alerts and notifications will I receive?
The type and number of alerts depend on the firewall, IDS, IPS, EDR, and antivirus solutions you have in place. Our MDR and SOCaaS will provide alerts based on user and group activities, machine and share activities, network traffic and events, error and warning conditions, anomalous and suspicious events and correlations, etc. Secuvant’s SOC prides itself on sending you actionable alerts that have been researched and investigated, and that provide the next steps or mitigation suggestions. Additionally, notifications and alerts are sent by priority (informational, low, medium, high, and critical) to a group of individuals you have provided us, such as an email distribution list for your security team.
How is our data stored and protected and for how long?
Long-term storage is determined during your contract negotiation; each company has different compliance needs. Typically, log storage is 365 days (cold storage). For incidents where data needs to be retrieved (outside of the 10-day active index), you would work with a SOC Analyst to determine the time range, the user or machine affected, and the type of log source, and we will repopulate the SIEM events in collaboration with our SIEM vendor. Log storage is based in the SIEM vendor’s private cloud (S3 buckets) and protected by various means such as RBAC, encryption, and by using a vendor with a SOC 2 attestation.
Why do I need Secuvant™ if I already have a firewall?
Security is about having multiple layers. A firewall provides a critical layer, but it is only one of many areas that you need to consider. Secuvant can show you the gaps you may have in your security and where your security baseline is today, and create a comprehensive security program to get your business to the optimal level of security and cost. A firewall is a great start; now let’s take security further to enable your business.
What Gap Analysis do you provide?
Secuvant™ has a very well-defined methodology that covers over 100 areas of cybersecurity for small and medium businesses. These areas are based on industry standards and governance requirements that are applicable to your market. We use both quantifiable and qualified information to find the gaps in your current posture. We use a combination of scanning tools, workshops and our own modeling to find and address gaps that will enable your business to address risks. Using this model we identify all known risks, and give you recommendations on how to address them. You then make business decisions on where you want to take your strategy, with our help. The Gap analysis will be used to create a comprehensive security program customized to your business.
Do you have a security assessment to find out where we are today?
Yes. Secuvant™ has a very well-defined methodology that covers over 100 areas of cybersecurity for small and medium businesses. These areas are based on industry standards and governance requirements that are applicable to your market. We use a combination of scanning tools, workshops, and our own modeling to find and address gaps that will enable your business to address risks. Using this model we identify all known risks and give you recommendations on how to address them. We can also provide penetration testing and network and systems scanning, and recommend external auditors that may help with your governance requirements.
Why is Secuvant™ different from other MSSPs?
Simply put, we take cybersecurity from a business enablement point of view, not a lockdown and prevent angle. We start with business drivers and processes and map your security strategy to your business needs, not the other way around. Other MSSPs simply take a technology approach, selling you software and hardware that just adds complexity instead of enabling you to do business more effectively. We want you to make more money, save money and reduce risks. We know business and security, the ultimate combination.
We just had an audit, so do we need Secuvant™?
Yes, even more so now that you know which audit findings you need to address. Audits, both internal and external, are a good idea when it comes to cybersecurity. However, they are just informational, and you must take action on the findings. This is where Secuvant can help. We can address risks identified in the audit, help you plan for future requirements, improve your governance and compliance responsibilities, and create an ongoing cybersecurity program to proactively address future audits.
How much do Secuvant™ services cost?
Less than you think, and less than doing security yourself. Secuvant™ has created a way to deliver enterprise-class cybersecurity for a small business price. This includes everything from our managed security offerings to our consulting services. We can create a monthly program that puts an entire team at your disposal for much less than it would cost to hire even one new security expert full time, saving you time and money.
What tools do you use to manage our security?
Secuvant™ uses a combination of industry standards and state-of-the-art cybersecurity tools for scanning, testing, and management, along with unique intellectual property that only we can deliver. We have partnerships with world-class providers like Trusted Metrics and can also manage the technology you have already invested in, saving you time and money.
When you say enable business, what does that mean?
Traditionally, cybersecurity has had two sides of the equation: increase security or increase usability. These opposing sides have been at odds in the past, so that if you increase security you lock down the ability to be productive, and if you decrease security and increase usability you may leave your business open to risks. Secuvant™ has found a way to enable your business at the same time you increase security and decrease your risks. We do this by taking the requirements from your business first, including employees, customers, and partners, and incorporating methods and models that allow applying security standards and objectives in a way that increases their effectiveness. This is a unique approach that turns cybersecurity from a cost center to an enabler and revenue producer. We can show you how we do this for your business anytime.
We don’t have any critical data, so if we get hacked it is no big deal. Why use you?
Protecting data is only one part of an overall security program. You may have other risks or liabilities, including mistakes, misuse by insider threats, and malicious attacks that can compromise your systems, partners, customers, or even employees. Your liability goes far beyond just the data. There are requirements to protect your financial systems from targeted hacks such as wire transfer fraud, theft of employee confidential information, and theft of company intellectual property. Poorly executed governance and compliance may result in government-assessed fees and fines. Security breaches may cause significant disruption to business operations. Can your company survive if your computers are down for a week? A month? What if your building is damaged beyond repair? Each consideration is part of the business enablement methodology provided by Secuvant™.
We are too small to have any security problems, right?
Likely not true. Hacking and cyber threats are increasing daily and no business is immune, regardless of size. Tricks and tools have become so easy to use to hack into a company that all businesses are targets. Until now, enterprise-grade security was only for those who could afford it. This is why Secuvant™ was founded, to provide a high-quality, world-class security solution to small, medium, mid-market, and emerging enterprises at a much lower price point.
We have IT employees, so aren't we already covered?
Information security takes a very specialized skill set that most IT teams generally do not provide, simply because it is a full-time endeavor above and beyond just IT. Secuvant™ will complement your IT team the same way a specialist doctor complements your primary care physician. Through our vCISO services, Cyber Risk Program Management offering, and our 24×7 Security Operations Center (SOC), Secuvant’s people, processes, technologies, and experience will become valuable resources to your IT Team, delivering enhanced visibility into network, system, and user threats; creation and execution of a cyber risk management program; and alignment of business risk and cyber risk within your organization.
We have already made significant investments in existing security tools (e.g., firewalls, IDS, etc.), why should I consider your services?
Secuvant™ is an independent security firm committed to working with any and all security investments previously implemented, including IDS, firewalls, routers, switches, servers, end-point protection and more. Secuvant’s comprehensive security service will increase the value of your existing investments by adding additional layers of visibility and threat detection. Secuvant integrates your tools into our eSOC and then leverages a team of security analysts and risk professionals to enhance your security posture. Our analysts pre-qualify alerts to ensure they’re associated with qualified threats. Since Secuvant is an independent security provider, we will not sell you more tools but will show you how to maximize value and implement needed controls, many of which are free, and when necessary, recommend security tools that you may purchase from your preferred vendor.
How do you assist with compliance requirements like PCI, HIPAA, FFIEC, SOC-2 and others?
Secuvant™ subscribes to the belief “Compliance is not security”; however, Secuvant™ also understands compliance is a business requirement that cannot be ignored. Secuvant™ assists clients with security best practices, which in turn ensures compliance requirements are addressed and documented. We call this “compliance readiness”. Furthermore, Secuvant™ has partnered with national security audit firms Eide Bailly and A-LIGN, each specializing in compliance certifications such as ISO 27001, PCI, HIPAA / HITRUST, FFIEC, SOC-2, FISMA, FedRAMP, DFARS, among others. These partnerships allow Secuvant™ to assist the Client with their “Compliance Readiness” as one who is familiar to and trusted by our audit firm partners. The outcome is a streamlined work effort towards security maturity and compliance adherence.
What is Secuvant’s Co-managed Security Service?
Secuvant™ can provide complete end-to-end security services, including a team of experts, to watch your security for an equivalent cost of hiring even one person. Secuvant™ will proactively manage your security for critical devices (servers, firewalls, IDS, etc.) using our cloud-based Elastic Security Operations Center (eSOC). We see real-time threats and give you enhanced visibility into your security posture and programs. We respond to security incidents, provide consulting to you and your staff regarding issues and questions, and with our managed service you minimize the need to buy expensive tools! We bring it all to the table in a complete finished service, ready to create a complete program to secure and enable your business.
What is the Secuvant™ Maturity Model?
Secuvant™ created the Secuvant™ Maturity Model whereby a company’s security posture is scored on a scale from 0 to 5 based on the ISO 27001 Security Frameworks. The model looks at two primary metrics: the overall security maturity of the organization and the effectiveness with which security controls are executed. For example, while a security control such as log collection will have a positive contribution to an organization’s maturity score, failure to proactively view and correlate log data with other data sources in the environment will have a negative impact on the effectiveness score. Secuvant’s Maturity Model ensures both security maturity and security effectiveness are measured and reported.
How does Secuvant™ help me make money with cybersecurity?
Information security can help enable your customers and employees to be more efficient, and increase trust in doing business with your company. There are ways Secuvant™ can help your customers get access to information quicker, more securely, and have a better experience that will increase repeat business. It has been shown that customers pick providers that they trust. By using security as a marketing tool you can increase the likelihood of customers doing business with you. We can also help you better use tools like single sign-on and strong authentication to improve customer satisfaction. We can protect the money you do make from mistakes, misuse, and malice. There are other ways too, depending on your market and strategies.