
Managed Threat Response from Dataforge

In 2021, after COVID slowed the world down, friction began to build between the nations of Russia and Ukraine. The details are numerous, but one thing I could feel – the world is getting hotter. This includes the rise of military cyber attack units or state-supported entities.

A valued and long-time customer during this time period asked us to put together a cyber security plan as a response to an audit. I don’t believe in coincidences. My gut told me this was going to be something important. Our customer helped to confirm it.

My past security experience was high, but becoming somewhat dated. Dataforge embarked on a mission to modernize ourselves in order to be able to best serve and prepare our customers for the future. Our security systems are numerous. They even include bespoke and internally developed systems. That being said, much of it revolves around an MTR system.

What is MTR?

MTR stands for “Managed Threat Response”. It is basically a full-time 24/7 security team to fight back should an attack occur – in real time with security specialists.

Once our MTR was installed, in conjunction with various other security systems, processes and system training, Dataforge contacted a military grade penetration tester. Their job was to attack our system from the inside.

Once the penetration test was set in motion, first our internal (custom developed) systems alerted us. These are very sensitive security monitoring systems specially developed for our company. About 20 minutes later we got a phone call from the security vendor. They said, “We have been watching your network for some time. Are you being security tested?” If this had been a real attacker, they would have been detected at this point. I should note the penetration tester was using ex-military/law enforcement personnel who were very qualified and experienced.

This is one of the special features of a reliable MTR vendor. They will watch the threat closely, gather the information they need and only shut down systems that are in danger. This information can be used later to make sure the entire threat is eliminated.

At the end of the day you cannot combat well-trained (and most likely military-trained) groups with basic security software and without human oversight. These new groups that are appearing will be patient, quiet and highly skilled. MTR systems allow a team of human beings to understand what is going on in real time, make sound decisions, adapt and fight back.

Internally, Dataforge uses Sophos MTR as our security vendor. We continue to put them to the test and continue to be impressed with their Managed Threat Response system.

References

Below I have attached the 2023 Cyber Security advisory from the joint task force. This clearly demonstrates that recent threats and future threats will come from nation states and supported nation states.

Joint Cybersecurity Advisory (NSA, CISA, FBI, CCCS…)

https://media.defense.gov/2023/May/24/2003229517/-1/-1/0/CSA_Living_off_the_Land.PDF