Johannesburg, 22 Aug 2024
Vodacom company Nexio has officially launched its security operations centre (SOC), strategically located onsite at Vodacom World, Midrand. This milestone moves the company closer to its goal to become a fully fledged managed cyber security services provider.
In today’s dynamic and ever-evolving threat landscape, traditional security models are no longer sufficient to protect organisations from sophisticated cyber attacks, says Johann Schoeman, senior security operations manager at Nexio.
“We believe that a continuous adaptive risk and trust improvement strategy offers a proactive approach that adapts to changing risks, contextual factors and user behaviour,” says Schoeman.
The Nexio SOC is positioned at the heart of this strategy, providing a foundation from which to enhance security by continuously assessing risk, dynamically adjusting trust levels and making informed decisions based on real-time insights.
“Our SOC is a team of experts who monitor, detect, and respond to cyber incidents using advanced tools and technologies. Our SOC is there to help organisations safeguard their data and assets, reduce risk exposure, and comply with regulatory standards,” Schoeman adds.
The SOC speaks to Nexio’s belief that in today’s cyber crime environment, it is imperative to not only detect threats, but respond to them effectively and efficiently.
Nexio has incorporated digital forensics incident response services in its SOC service offering.
“This is a team ready for rapid response and deployment to assess, contain and advise on remediation measures. The team can also perform forensic investigations on systems to ascertain the threat or breach and gather forensic sound evidence for reporting and regulatory or legal requirements,” Schoeman continues.
Comprehensive solution
Nexio’s team of cyber security specialists understand that a comprehensive solution stack is an effective way to protect sensitive data against cyber threats and high severity incidents.
Schoeman explains the end-to-end value chain.
“We offer a comprehensive solution to protect your sensitive data against cyber threats and high severity incidents. Our experienced team swiftly identifies and mitigates cyber risks, we provide a rapid incident response process, ensuring timely detection and analysis,” he adds.
“Our meticulous documentation ensures investigations withstand legal scrutiny, despite the critical nature of our services; we offer competitive pricing and tailor methods to each unique incident and organisation.”
The company’s engagement model includes a detailed investigation to determine the breach’s nature, root cause and affected high-value assets, followed by tailored remediation recommendations.
Nexio adopts a threat- and identity-centric approach with zero trust. This places the company in an ideal position to evaluate situational awareness to empower organisations to identify and respond to threats more effectively.
“We look at enhanced situational awareness to help organisations identify and respond to threats more effectively and quickly before they cause damage. Proactively identifying and investigating potential threats, then taking appropriate action to mitigate them. We build automation into our systems to perform hunts as incidents occur, reducing the time for triage of incidents. With a zero trust mindset and framework, the assumption is that no user or device should be inherently trusted, even in the internal network until earned based on ongoing assessments.”
Nexio asserts that adopting a continuous improvement strategy is key to staying abreast of the security posture within the organisation.
It’s about continuously monitoring and assessing the posture rather than relying on periodic audits.
Organisations should continuously evaluate the risk factors, threat intelligence and vulnerabilities.
Schoeman and his team explain that security decisions are not binary, they adapt based on the specific context, user behaviour and environmental conditions. With adaptive decision-making with contextual awareness, trust levels are adjusted dynamically.
“What we do next and will be more prevalent in the future are things like advanced threat intelligence integration with AI assisted decision-making; advanced automation and orchestration to reduce the human time spent on security incidents; and threat hunting maturity that enriches information in near real-time. With all this, it is vital that feedback and reporting is improved, with business-aligned security metrics that match the organisation's strategic objectives and contribute to the overall protection and success of the company. This then rolls up to executive and board level reporting to ensure transparency and accountability.”
Schoeman emphasises that cultivating and providing knowledge and skills to organisations with a clear security roadmap will help them strengthen their cyber security resilience and posture.
Share