
Using MDR cost-effectively against cyberattacks

Security Operations Centres (SOCs) are a crucial weapon in the fight against cybercrime. These teams of analysts are there to prevent security breaches and keep your data safe. Their three main tools – SIEM, EDR and NDR – are cutting-edge technologies for detecting and mitigating security risks. We look at how SOCs can help protect you from cyber security threats in the best and most cost-effective manner.

Fabrice Wynants

June 30, 2021

The 4 key components of your fight against cyber security threats

A previous blog post, Becoming cyber resilient: Managed Detection & Response shuts down security breaches quickly and efficiently, discussed the ideal approach to addressing cybersecurity threats in a rapidly changing world. Before we build on this, let’s briefly go over the main components of this approach again:

  1. A Security Operations Centre (SOC) consists of analysts who monitor your organization for possible cybersecurity breaches. They have three main tools in their arsenal.
  2. A Security Information & Event Management (SIEM) system collects logs from a variety of sources and provides real-time analysis and notifications of suspicious events.
  3. Network Detection and Response (NDR) analyses network traffic, determines the risk level, detects anomalies and, through integration with other systems, can even respond automatically in some cases. A malicious connection, for example, can be blocked by the firewall immediately. The SOC analysts evaluate the reports from the NDR and react accordingly.
  4. Endpoint Detection and Response (EDR) monitors the use of endpoints (computers or mobile devices), detects abnormal behaviour and can sometimes respond automatically. It allows SOC analysts to connect directly to the endpoints, retrieve information and data, and intervene where necessary. For example, an endpoint can immediately be removed from the network in the event of an intrusion, which minimizes any possible damage.

Analyst firm Gartner has named these three systems the ‘SOC Visibility Triad’. They each have their unique advantages and complement each other, allowing a SOC to do its job optimally in terms of detection and response.

[Figure: the SOC Visibility Triad]

Start small, grow later

While the combination of SIEM, NDR and EDR forms an ideal toolbox for a SOC, it is perfectly possible to start with just one or two components. After all, each of these components can also be used separately. You can start with one component to keep costs low, and add other components as you gain experience with your security approach.

SIEM is better established than NDR and EDR. We commonly see two scenarios:

  • You already have a SIEM and want more insight into threats and to be able to respond more efficiently
  • You don't have a SIEM yet and want to build your security architecture as effectively as possible

Let’s look at these scenarios in more detail.

From SIEM to a complete security architecture

If your organization has had a proactive approach to security for some time, your SOC may already have a SIEM up and running, whether on-premises or in the cloud, or even in a hybrid architecture. But as we discussed in our earlier blog post, a SIEM alone is not enough to detect today's sophisticated security attacks. What's more, with a SIEM-only approach you're missing out on fast response capabilities.

The most cost-effective next step in this situation is to complement your SIEM with EDR. This increases threat visibility, addresses the growing threat of endpoint system breaches, and optimizes the cost of your SIEM. It also allows you to respond more quickly to threats, reducing the operational impact. If you want to go one step further, you can also implement NDR for visibility in the network, particularly in environments where you cannot roll out EDR. This allows you to achieve full integration and the fastest possible response times.

[Figure: MDR building blocks]

Starting from scratch

If you do not have a SIEM yet, make EDR your first priority. This technology is the most cost-effective, and it allows you to respond quickly to threats from the outset.

Then, extend visibility with a SIEM. This will let you add logs from a variety of critical sources, even from the cloud. Your security system will then be able to analyse much more data for suspicious events. In a third step, you can add a network perspective with an NDR.

Always up to date

Compliance rules are becoming ever stricter, and so you need to be aware of the latest requirements and understand how to meet them.

In this process, you have to be aware that cybersecurity threats are evolving rapidly. Today's cybercriminals have become more professional and are launching more sophisticated and targeted attacks than in the past, and this will only continue.

Continuously keeping up with the latest regulations and the changing security landscape is quite a challenge. The IT department in any business requires in-depth expertise to find the right solutions.

That is why for many companies – with or without a CISO – cooperating with an external party is the best plan of action.

24/7 access to security experts

There is currently a shortage of security experts on the labour market. As a result, not all organizations have the required security profiles in their workforce. If a security incident occurs, you probably do not have the in-house expertise and skills to respond quickly and appropriately.

It’s also important to remember that cybercriminals do not sleep. Often these operations are not run by one individual, but by a gang, operating internationally and trying to break into your company around the clock. Few organizations have the resources to detect and respond to cyber threats 24/7.

By outsourcing to a proven security expert, you don't have to worry about any of this. With Cegeka Managed Detection and Response, you can rely on experienced analysts who keep countless organizations safe every day. And thanks to our scale, we can do this more cost-effectively – allowing you to focus on your core activities.

Want to know how MDR investments could benefit you? Or do you need help convincing your management of the importance of the investment?
