Detection & response is the solution

At a time when cyber incidents are increasingly making headlines, it’s interesting to focus on this growing phenomenon: dealing with the cyber threat posed to companies.

On the global scale

A study by Cybersecurity Ventures estimates the cost of the harm caused by cybercrime at $6 trillion in 2021, i.e. the equivalent of the gross domestic product of the world’s third-largest economy.

In that context, more and more companies are under attack and cybercriminals are making money by developing “as-a-service” solutions with which to launch attacks on their defenceless victims. With the commoditisation of cyberattacks, we observe a decorrelation between the skill level of the attackers (downwards) and the degree of sophistication (upwards).

Moreover, to short-circuit the traditional protection technologies (firewall, antivirus, etc.), the attack techniques are becoming ever more sophisticated. This includes fileless malware, i.e. malicious software that installs itself without a file. Faced with this level of sophistication, it becomes necessary to analyse behavioural anomalies in good time.

The detection & response trend

The evolution in attack techniques is pressing protection technologies to their limits. Despite these protection layers, malicious actors are successfully infiltrating the perimeter of their targets. 77 % of successful attacks use fileless malware that cannot be stopped by traditional security tools. 

That’s why it’s important to detect anomalies within the infrastructure and respond to them, to limit potential damage (extraction/deletion/modification of data, espionage, etc.).

A managed solution

Given the lack of cyber skills available on the market, the Orange Group is keenly aware of the difficulties organisations have when it comes to developing internal detection & response capacities. That’s why Orange has developed a managed detection & response solution integrating the network components, terminals and user identification. This solution removes a burden from the operational teams and allows the company to benefit from the threat intelligence capacities of a leading group in the cybersecurity field.

“The MicroSOC solution was developed to defend the cyber interests of Belgian organisations, primarily SMEs,” says Thomas Le Clerc, B2B Product Manager Cyber Security at Orange. “With MicroSOC, in a few clicks you can isolate all or part of your system while maintaining access for investigation and reconstruction. Our teams of experts then immediately begin to investigate.”

Other similar solutions exist for organisations at the cutting edge in terms of cybersecurity. “In this case, the principle of a CyberSOC solution is similar to the MicroSOC service, the difference being that it can address more complex and specific perimeters,” Le Clerc explains.