Because they quickly figured out that security is best left to security experts, they contacted SecWise, an independent cloud security company specializing in the Microsoft 365 and Azure security ecosystem, to help monitor their external traffic and help upgrade their security maturity.
At SHH Mol, SecWise’s responsibility is twofold. The first is to monitor threats affecting SHH Mol assets 24×7, ‘as a service’. Thanks to an ironclad agreement, SecWise uses a clearly defined playbook that determines exactly which cases SecWise can handle autonomously, and which should be escalated to the SHH Mol IT team. This way both parties know exactly what each other’s responsibilities are.
But there’s no sense defending the gate when the back entrance is wide open, which is why SecWise performed a full security audit of SHH Mol’s systems. This process didn’t happen overnight, so in order to provide actionable advice and clearly show progress, SecWise uses a ‘security maturity’ model. This way SHH Mol knows exactly where they stand, which measures are most urgent, and how far they still have left to go.
The end goal, however, is peace of mind. Peace of mind for management, knowing that their organization is doing everything in their power to keep their systems safe, but also for SHH Mol’s IT team because they receive clearly delineated security recommendations to stepwise increase their security maturity.
In the world of security, there are two acronyms you simply cannot miss: the Security Operations Center (SOC) and Security Information and Event Management (SIEM). Both are closely intertwined and form the basis of the modern approach to security.
A SOC is a centralized department within an organization that continuously monitors and improves an organization’s security level while preventing, analyzing, and responding to cybersecurity incidents. A SOC mainly benefits an organization by centralizing the security operations, eliminating security gaps caused by unclear security responsibilities.
A SIEM is a technological solution that performs real-time monitoring and analysis of security-related data. For this purpose Microsoft has developed Azure Sentinel, a next-generation, AI-infused SIEM tool. Because of Sentinel, SecWise can detect and resolve security events in real time, strongly reducing both costs and (human) reaction times.
In tech terms, SecWise provides a 24×7 SOC as-a-service, using a SIEM solution called Azure Sentinel to provide real-time security threat monitoring and security posture monitoring. As part of their mission to improve security maturity, however, SecWise is also encouraging adoption of the full suite of Microsoft security solutions. Examples are Microsoft 365 Defender XDR, which offers a single portal for security policy management, and Microsoft Intune in combination with Azure AD Conditional Access, used to implement a Zero Trust security design. That design offers central control over how an organization’s devices, including mobile phones, tablets, and laptops, are used, and over how all types of users can securely authenticate based on real-time risk analysis.
Security is an ongoing process, and so is SHH Mol’s collaboration with SecWise. As part of Ziekenhuisnetwerk Kempen, SHH Mol decided to take the lead in their security dossier, with the intention of sharing and expanding their results with the rest of their network.
If you want to learn from those with first-hand experience with security incidents, now might be the time to start thinking about additional security improvements to help keep your business safe. Get in touch and we will be more than happy to talk about how we can provide security peace of mind!
Thank you Benjamin Peeters for your cooperation in this reference case.