Ikusi ONCE, the differentiating member of Ikusi’s Blue Team

In cybersecurity, the Blue Team is the group of people who defend and provide security, as opposed to the Red Team, which employs attacker techniques through offensive security methods. There are also Purple Teams, which combine the work of both teams.

At Ikusi, we’re always on the blue side. And our Blue Team is staffed by hundreds of highly qualified people, including 100-plus certified engineers operating 24 hours a day, 365 days a year.

In addition to its own experience, this team has a tool that makes the service it offers truly distinctive. This is Ikusi ONCE, Ikusi’s unified operations centre, from which we monitor, support and proactively manage network, cybersecurity and IT infrastructures.

Ikusi ONCE guarantees that incidents are attended to, resolved and analysed, to prevent any interruption in customers’ business availability.

Ikusi ONCE, the added value of managed services

The combination of our human resources and unified operations centre enables Ikusi to offer managed cybersecurity, IT and network services. Customers can focus on developing their own business while Ikusi takes charge of these critical areas, which affect business operations but are not part of customers’ core business.

It is not a question of providing infrastructure, although Ikusi is in a position to do so if necessary, but of freeing customers from certain tasks through multi-annual service contracts.

Ikusi does the cyber-patrolling, monitoring security events, detecting anomalous behaviour and mitigating malicious events.

But how is all the collected information handled? Automation is essential in this context, and this entails several key concepts.

On the one hand, there’s correlation, that is to say, seeing which incidents are related. Ikusi analyses them for correlation purposes. This is step 0 of cybersecurity automation.

Then comes prioritization. Once the incidents have been grouped together, they have to be prioritized. It’s a matter of applying triage, just like when you go to a hospital emergency room, to determine which incident deserves to be attended to first. In this step, the predefined parameters that determine priorities come into play.

The next step is verticalization, i.e. acquiring sectoral expertise. Each customer is a world in itself, even though there are incidents and problems that are common to each industry.

Automation, the linchpin of managed cybersecurity services

These three key concepts (correlation, prioritization and verticalization) serve to define and standardize recurrent activities, minimize errors in incident response, optimize resources for the highest-value operational activities, improve incident response times, and boost the efficiency of threat detection and of information consolidation for investigations.

In short, they serve to provide these managed cybersecurity services with a high degree of automation, which is essential in a context where cyber-attacks happen day after day.

One figure of Ikusi’s own: at Ikusi ONCE we handle 8,000 million cybersecurity notifications in a month. Even though they’re not incidents, but notifications, they give an idea of the level of activity that we have to cope with to ensure that customers can run their businesses.

Author: Saúl Gallegos
Position: Director of Operations, Ikusi México
LinkedIn: https://www.linkedin.com/in/saul-gallegos-305b4926/