Introduction
ISOC is an operational team within our Risk, Security and Compliance group. The team runs the systems that provide information security detection and protection. It’s goals are to:
- Monitor, analyse, report and respond to issues that have a security impact on the delivery of services to the client.
- Proactively and reactively address platform issues that are related to the implementation of security policy.
- Assist client support and other technology teams in identifying and resolving issues related to information security.
- Integrate systems and data to increase the value of information and level of protection throughout the organisation.
Technical systems
Kurtosys security policy results in the implementation of a wealth of technical systems designed to protect, detect and respond to security events across our hosted platform and within our organisation. ISOC have oversight of these systems operated by 9 different functional teams, to provide its services to both internal and external stakeholders. This centre of excellence and expertise aggregates, correlates and integrates data to improve our operational performance and minimise our information security risk. At the core of these systems are:
- CloudFlare: WAF protection, DDoS mitigation and Bot management and rate limiting
- AWS: GuardDuty threat detection service that continuously monitors datacentre accounts and workloads for malicious activity.
- DataDog: SIEM to detect, investigate, and respond to threats across all of our environments in real time.
Supporting your supplier risk management processes
Whilst our clients’ Sales and Marketing teams enjoy the business benefits of the Kurtosys platform that provides their end users with a world leading digital experience, their Risk and Compliance teams also want to know that the systems they use match up with expectations related to Information Security. ISOC provides them with the necessary reporting to substantiate our Security Program, encompassing reports that cover:
- Recorded vulnerabilities and evidence of proactive mitigation
- Information Security indicators across the Kurtosys platform
- Analysis of web traffic and threat management information
- Access to more security information and evidence of security systems for regulatory reporting
- Measuring Security Status and Trends in Your Digital Presence
Our ISOC team will provide your organisation with additional information to:
- Improve your decision making and supplier assessments
- Reduce involvement and intervention based on greater transparency
