HERNDON, Va. -- Cybertrust ®, the global information security specialist, today unveiled enhancements to its Managed Security Services (MSS) that will provide customers with the most relevant and customized security information that is aligned to their business and prioritized against critical business assets. These updates represent the continued evolution of security from a technical issue to a business issue as Cybertrust MSS clearly address customers' business operations and continuity, in addition to traditional security monitoring and management.
With this new MSS release, Cybertrust brings together and correlates threat, vulnerability and asset information, delivering "triangulation" of these three elements. By enriching threat information collected through 24x7x365 monitoring activities with vulnerability information and asset criticality information, Cybertrust and the client can assess both the technical impact of a security incident based on threat and vulnerability information, as well as its business impact based on the asset criticality information.
Typically, security devices managed by a Managed Security Services Provider (MSSP) generate threat information at the technical level, helping to detect traffic that might expose the organization to risk. However, this threat information on its own as is provided by the traditional MSSP does not allow customers to make an informed decision as to the potential impact against their businesses. As an example, detecting a piece of malcode on the network does not necessarily mean a customer's business is in danger; immediate action against the malcode is required only if the target is a critical business system, such as a revenue-generating application.
To distinguish whether an organization is really at risk and to what extent based on the threat data, two additional pieces of information are required: vulnerability data and asset data. Through the triangulation of threat, vulnerability and asset information, Cybertrust MSS customers are able to determine the appropriate incident prioritization, response and remediation activities based on what poses the biggest risk against the business.
"Cybertrust recognizes that as security gets more tightly engrained with the business, MSSPs need to provide actionable and relevant security information to customers to ensure that activities are prioritized and protecting the core assets of the business," said Kerry Bailey, Cybertrust senior vice president global services. "While other MSSPs may claim to provide customers with triangulation, no other MSSP offers an automated, customizable solution that translates technical security events into incident reports that can be understood by the business."
In addition to the triangulation enhancements, new MSS capabilities enable customers to trend security incident information over time. This functionality demonstrates the evolution of a number of key security parameters so that the customer can proactively optimize the security infrastructure and fine-tune policies and rule sets to increase its overall security posture. In addition, customers can illustrate both improvements to their security posture over time, as well as emerging threats against the business. Trending information is provided not only for individual customers, but also benchmarked against Cybertrust's global MSS client base in areas that include availability and health incidents; security incidents; and successful attacks.