Enterprise Compliance Engine

Proactive compliance strategy and regulatory change management in real time. Learn more >

AI-for-a-proactive-approach-to-compliance-menu

 

Latest Case Study

Formula One: Feedback management solution​ improves car reliability during Formula 1 World​ Championship​

A No-Code Solution

At Decision Focus, our no-code solution allows users to adapt and modify fields and functionality within the application whilst hiding what happens behind the scenes, making our platform easily configurable to meet your exact needs.

Want to Know more?

At Decision Focus we deliver a GRC solutions customised to your needs - all in one SaaS platform.

Our support team is ready to help your organisation get started with Decision Focus.

SecureDevice - IT Security case study

April 6, 2021

A leading IT security provider eliminates 1,700 hours manual work and delivers instant IT risk posture across all customers.

Overview

SecureDevice is top tier Danish owned IT-security business. Many of Scandinavia’s top 300 enterprises have chosen to partner with SecureDevice due to their deep network security expertise covering SIEM, firewalls, IDS/IPS, security scans, log handling, DNS security, and protection of servers.

In 2020, Computerworld awarded SecureDevice number one in IT-security.

Security Incident & Event Management (SIEM) as a service

Any company that wants to improve its security posture and better protect itself knows it needs rigorous approaches to detect security incidents. Security Incident & Event Management (SIEM) is a $4.2 billion market that has evolved
to become central focus for many companies’ IT Security setup. The security overviews from SIEM and ability to
respond to the most critical events helps protect sensitive data and provides evidence that helps meet compliance
requirements.

The cost of setting up and subsequently running an in-house Security Operations Centre (SOC) providing 24/7 security
information and event management (SIEM) is however still prohibitive for all but the largest corporations.

This has led to the market for SIEM-as-a-service which provide companies all the benefits needed from a security
information and event management system without any of the headache or capital investment. SecureDevice’s
easycurity SIEM-as-a-service, built on IBM’s market leading SIEM, QRadar provides an attractive proposition for
companies who don’t want the cost of implementing and self-managing an in-house SOC. With the market for SIEM as-a-service projected to increase between 12 percent to 15 percent annually through 2025 SecureDevice are well
positioned to captialise.

”The Decision Focus platform has been a gamechanger for our users.”

“Full transparency across our Risk Landscape across different IT Security systems. Not only have we been able to reduce cost, manual errors and time to deliver Risk Overview Reports – but the templates from Decision Focus will help us drive new, cross category risk analysis, trends and metrics to continuously monitor and increase the security posture for subscribing companies.”

Michael Albek

Michael Albek, CEO at SecureDevice

The Challenge

SecureDevice are experts in optimising and tuning SIEM solutions, reviewing security events, proposing recommendations and ensuring that the solution is optimised for their subscriber's IT environment and current threat image.

To keep their subscribers informed of incidents discovered through the SIEM, SecureDevice had traditionally sent a
weekly report summarizing any incidents, detailing how attacks were resolved and providing recommendations for
further fine tuning of the SIEM as false positives were uncovered.

The reports relied on manual extracts from QRadar and a lot of manipulation of data in Excel. Results were pasted into
Word, commentaries added and the reports were saved to .pdf files that were then emailed to the subscriber. The whole process behind creating the reports was extremely time consuming and importantly it took the security consultants away from other value-added activities.

Reporting on findings and providing actionable information is an essential part of the service but SecureDevice were
looking for a smarter and more efficient way. They began to ask themselves:

  • What if our subscribers are “bored” of seeing yet another PDF report?

  • How could manual weekly time-consuming reports be automated, so we can use our time on developing our state-of-the-art IT security?
  • How can we minimise the possibility of human errors?

Key Numbers

The Solution - Delivered in 3 weeks

Decision Focus helped SecureDevice establish an IT Security Portal to handle security reporting for all SecureDevice’s easycurity and on-premise-hosted QRadar subscribers. The whole project was completed within just a 3 weeks due to a combination of a clear, shared vision and a fast implementation methodology.

DF Securedevice Blog Assets 1-100

DF Securedevice Blog Asset 1-100

Using rapid prototyping, a Proof of Concept was established to help evaluate the potential benefit of presenting data from the SIEM in a more visual and engaging way. SecureDevice could quickly see the potential benefit when management overviews were combined with the ability to drill down into the underlying detail.

Alongside the interactive dashboards, SecureDevice wanted to continue with production of the weekly report but automate all the manual activity so the weekly report was automatically produced. Decision Focus were able to demonstrate how the weekly report could be generated dynamically, directly from within the portal following the exact style guidelines that subscribers were used to. The resulting report could be consumed online or saved as PDF to be shared internally.

Since the Decision Focus platform is built on a modern microservices architecture, the REST-services integration to
IBM QRadar was completed quickly. The integration handled the retrieval of offences from multiple QRadar instances on a scheduled basis ensuring that the portal was always up to date with the latest risk posture.

The Result

SecureDevice are now offering Decision Focus SaaS as an IT Security Portal to handle automated security reports and tailored Dashboard solutions for a range of Government, Media & Phamaceutical customers. New subscribers are onboarded on a weekly basis.

“Decision Focus has automated the manual, labour intensive weekly reporting we provide to our subscribers. We can now provide our CISOs with a simple, consolidated view of all the security monitoring services we provide.”

Jan Straarup, Security Consultant

One central IT Risk Monitoring Portal enables SecureDevice to track individual IT risk posture for each subscribing company.

Each data set is available for the subscribing company only. Web access to Decision Focus platform delivered on the IBM Cloud.

IT Risk Monitoring Portal

The current solution has resulted in 572 annual security reports created automatically. In the past, these individual
reports could take hours to draft – all are now created instantly with no delivery time. This gives another valuable
benefit, in form of lower reaction time in order to solve potential critical incidents. Freeing up more time, for highly
skilled security advisors to enable IT risk reduction across a growing set of subscribers.

Using Decision Focus SaaS has also made it possible for SecureDevice to offer their subscribers tailored dashboards
with interactive and better graphical ways of showing data.

Several pain points like time consuming security reports, potential human errors during reporting, outdated reporting
design is now history and SecureDevice can use more time on improving their IT Security solutions.

“The IT Security Portal has been well received and our subscribers are asking us to extend the visibility to other service areas such as patch and configuration compliance, vulnerability management and cyber risk management.”

Michael Albek, CEO at SecureDevice

What’s next? It’s your move...

 

Any questions?

The Decision Focus team are here to answer your questions.