EN

Importance of detection & response cyber incidents neglected

Read time: 5 minutes

It is virtually impossible to entirely prevent computer crime and data breaches. There’s no such thing as an impenetrable ‘wall’. Serious damage can only be prevented by timely detection and remediation. Yet a vast majority of organisations still neglect detection and response.

In its 2019 Cyber Security Monitor, CBS – the Dutch Central Statistical Office – reports a positive development in the security levels of organisations. The focus, however, is on prevention and Managed Detection & Response (MDR) is given too little attention. In the 2018 Market Guide for Managed Detection and Response Services, Gartner reported that only 5% of the organisations surveyed use MDR systems.

For the very reason that attacks and breaches are virtually impossible to prevent, MDR should play an important role in the risk management of organisations. And in insuring cyber risks, as MDR helps limit the damage caused by computer crime.

MDR attainable for everyone

At claims managers Van Ameyde the development of MDR has been a learning process of many years. The external solutions that were used were expensive and ultimately no longer met the requirements, particularly when GDPR came into force. After all, the obligations of claims managers are not limited to their customers, but extend to policyholders, third parties and financial authorities as well.

Besides, Tiago Faria, the Security Officer of Van Ameyde’s IT organisation (Zero)70, has a vision that goes beyond securing Van Ameyde. “I wished to reduce the security center’s expensive and scarce human factor as much as possible. MDR should also be attainable for less cash-rich companies and even NGOs.” His words were put into action and Faria’s vision was realised with the incorporation of 3CORESec, a company developing MDR services: from building blocks for existing security centers to a comprehensive virtual Security Operations Center (vSOC).

Insight, relevance and speed

Faria discusses the development of the vSOC and experiences of MDR users, “We set to work to resolve the bottlenecks that we as users faced in the past ourselves. Lack of true insight in the reported threats was one of them. External security modules seem to resemble black boxes. To effectively remediate threats, we need insight in the nature and impact of an incident.”

Relevance follows naturally from the need for insight. Relevance of threats differs per line of business, as concluded by CBS, but obviously also per organisation. Easily accessible, relevant information ensures that the security managers can act more swiftly. “We use, for example, speech and language technology, helping us make urgent notifications as accessible as possible to the person responsible for taking measures. The speed at which this person or team intervenes is of the essence. After all, information security continues to be about human intervention,” says Faria.

MDR in the cloud

An ever increasing number of organisations make use of cloud services. This makes the need for insight and transparency even greater. Particularly in such a shared infrastructure the question is: who is responsible for what part? To be able to provide answers, 3CORESec has developed a large part of its services in the AWS cloud. “AWS has appointed us an AWS Select Technology Partner,” says Faria. “This helps us bring MDR under the attention of a very large group of AWS users and market studies only go to show how important this is.”

MDR drives down costs

Without a doubt prevention continues to play an important role in information security. An MDR strategy, however, is crucial to making remediation effective and efficient. In addition, MDR in particular could substantially reduce the damage resulting from security incidents. As a result, MDR could be a cost-reducing factor in calculating cyber insurance premiums.

Being an AWS Select Technology Partner helps us bring MDR under the attention of a very large group of AWS users.

Tiago Faria
Security Office Van Ameyde | Zero70

Forward thinking

Get the latest news and industry thoughts from Van Ameyde. With 75 years’ experience, you can count on our insights and knowledge to help you ensure your continuing success.  More articles

Uncategorized

1 min reading

Southwest Region Spotlight

Read More >

Digital transformation

2 min reading

Van Ameyde wins the Diamond Award at ITC DIA Amsterdam 2024

Read More >

Claims management

3 min reading

AI & Automation: Making Humans More ‘Human’ in the Claims Process

Read More >

Claims management

2 min reading

Exploring the Characteristics of Motor Liability Insurance Claims Handling in the Nordic Countries

Read More >

Claims management

4 min reading

How Van Ameyde is using technology to revolutionise the claims and repairs process for vehicle insurers

Read More >

Claims management

4 min reading

Cross-border claims: Getting personal about bodily injury claims in France and Italy

Read More >

Systems

1 min reading

(Zero)70 IT Services, part of Van Ameyde Systems, achieves BSI certificate extension

Read More >

Sustainability

10 min reading

How Van Ameyde Scandinavia is Driving Global Sustainability

Read More >

Claims management

4 min reading

Cross-border claims: Three key things to know about the UK legal system

Read More >

Organisation

3 min reading

The impact of the war in Ukraine on business and the insurance industry

Read More >

Organisation

2 min reading

Twentyfour, Rekon and Interschaden join forces in the field of loss adjustment sector

Read More >

Claims management

4 min reading

How to fulfill your claims promise… People, bots, AI?

Read More >

Digital transformation

4 min reading

Intrasurance Technology Services & (Zero)70 combine forces as Van Ameyde Systems

Read More >

Claims management

3 min reading

iptiQ EMEA P&C partners with Van Ameyde

Read More >

Partnerships

3 min reading

Van Ameyde participates in SEAsia Group

Read More >