It’s no secret that many organizations can’t find enough experienced, trained security professionals to staff their security teams. And trying to stay in front of the increasingly hostile threat landscape is only making matters more urgent.
Setting up your own Security Operations Center (SOC) can be a tedious and expensive process, even if you can find the right resources to run it. In response, many companies are turning to managed security services.
CSC is one of the clear leaders in this space. An $8B global systems integrator and services provider with more than 56,000 employees in more than 60 countries, CSC operates five SOCs around the world that service more than 450 clients.
Recently CSC added CloudPassage Halo to its arsenal for these clients. We sat down with Erik Winebrenner, director of CSC’s Global Cybersecurity portfolio, to find out why.
CloudPassage: Tell us a bit about CSC.
Erik: Well, CSC is a Fortune 500 company who are providers of innovative next-generation technology services and solutions to some of the world’s largest organizations. We have a deep heritage in the U.S. public sector and protecting national security, but we’re now focused entirely on commercial clients and international governmental clients. The thing that sets us apart from other large technology firms is our technology independence and extensive partner community. So, we can really say our goal is creating best-of-breed solutions, based on our client’s needs and preferences. And, secondly, we’ve invested in providing cybersecurity at global scale through our SOCs and security specialists located throughout the world.
CloudPassage: What’s driving the CSC MSSP business today?
Erik: Cybersecurity is ranked in many studies as the No. 1 technology initiative in 2015 for many enterprises. Our MSSP business is growing fast because companies are under intense pressure to respond to two significant forces: taking advantage of the speed and agility benefits of elastic compute environments, and responding to increasingly sophisticated cybersecurity threats.
Many enterprises are partnering with CSC to help them accelerate movement into cloud computing, mitigate the cost of setting up and maintaining security operations centers, automate compliance, take advantage of the latest security technology and monitor critical infrastructure for advanced threats. Partnering with CSC just makes sense as it helps these companies solve these challenges so they can focus on their businesses.
CloudPassage: Why did you choose CloudPassage Halo to power infrastructure security for CSC clients?
Erik: CloudPassage Halo offers something unique in the market: a platform approach to security that is on-demand, automated and works in any infrastructure at any scale. Our clients have a mixture of environments, so we needed a solution that works seamlessly, anywhere. We also needed to integrate the layers of Halo protection into our existing cybersecurity customer portal (“Pulse”), so Halo’s open REST API was critical in our decision process. Using this API, we’re now able to have a ‘single pane of glass’ view for our clients’ entire security posture.
CloudPassage: How is the CSC MSSP offering structured?
Erik: With our managed cloud workload security service (see diagram), Halo agents are installed on every workload, with customer-tailored policy creation, configuration and management. Using our integrated Pulse portal and the functions provided by Halo, we’re able to monitor configurations, software vulnerabilities and intrusion detection data for their entire infrastructure. Alerts are delivered when anything out of sorts is detected. Then we work with the client on remediation strategies.
We can also develop and deliver custom fine-tuned policies tied to system account management, firewall management and file integrity monitoring as needed. At the highest level of service, our clients receive fully monitored SIEM analysis and advanced reporting. The whole idea is to give our clients a wide selection of services that fits their business needs, security posture and risk tolerance.
CloudPassage: What are the core value propositions for CSC clients that work with you as their MSSP?
Erik: Our clients are able to meet all of their critical control objectives in a model where CSC is watching over their infrastructure 24x7x365. They gain visibility into their enterprise and individual-asset-security posture. We’re able to uncover and manage vulnerabilities and configuration issues in near real time. Our clients get immediate reports showing open issues against CIS benchmarks, and we are able to do this across an entire account or department or by system type.
Because we have structured our offering in a consumption-based pricing model, our clients pay for only what they use, which reduces cost considerably when compared with operating your own SOC. And complexity is reduced since we’re on the hook to integrate our monitoring and reporting services with existing tools; it’s not the client’s job. Finally, our clients get the benefit of best practices learned from managing the operations center for more than 450 enterprises.