Cyber Security for SMBs

ACS Office Solutions uses the latest cutting-edge technology to protect companies and organisations. With one comprehensive cloud-native platform, we defend companies and organisations by using artificial intelligence and computer vision to monitor systems for suspicious activity. In partnership with SKOUT Cyber Security, ACS offer your business 24x7x365 monitoring and increased visibility into your network, and our next-generation tech, including our fully managed SIEM and AI analytics platform, can even help you prepare for zero-day attacks.

In the event of a potential security breach, our team will immediately alert you and take steps to protect your data at any time.

SKOUT Network Security Monitoring is a managed security product that provides network intrusion detection with a physical or virtual appliance. Suspected threats are correlated for AI-enabled analysis using SKOUT’s analytics platform, SIEM, threat intelligence, and 24/7 365 Security Operations Center. Detect potential threat activity on your network like command and control connections, denial of service attacks, data exfiltration and reconnaissance.

Key Features:

  • Network Intrusion Detection
  • SIEM Analysis
  • AI Analytics Engine
  • Self-service Reporting
  • Physical or Virtual Appliance
  • Supports key industry and regulatory compliance standards such as continuous monitoring and network monitoring

Command & Control Communication

Cross-site Scripting

DoS

FTP and Cloud Storage Exfiltration

SQL Injection

Cases:

  • Denial of Service (DoS) attacks – Identifying unusual traffic from organization-owned devices, being leveraged to perform a denial of service attack.
  • Cross-site scripting attacks (XSS)
  • SQL Injection- Identifying layer-7 network signatures indicating a SQL injection attack designed to exfiltrate data from vulnerable web applications
  • FTP and cloud storage exfiltration – Monitoring network traffic over protocols that facilitate large data transfer and alerting when unusual quantities or file types are being transferred, or when the target is unknown or malicious.
  • Command and control communication – Network Monitoring can correlate network traffic to discover malware communicating with external attackers. This is a sign of a compromised account.

SKOUT Office 365 Security Monitoring is a managed security product that monitors Office 365 activity using SKOUT’s analytics platform, SIEM, threat intelligence, and 24/7 365 Security Operations Center to identify threat-like behavior such as unauthorized access to cloud mailboxes, admin changes in the environment, impossible logins, and brute force attacks.

Key Features:

  • SIEM Correlation & SOC Analysis
  • Support for custom alerting and reports
  • Visibility to login activity in the dashboard
  • Detects potential threats of suspicious activity in Office 365
  • Supports Industry & Regulatory Compliance requirements

Failed/ Unauthorized Access

Foreign Login

Impossible Login

Malicious Admin Changes

MFA Removed

Suspicious Email Forward

Unauthorized Delegate Access

Cases:

  • Malicious Admin Changes- Track admin activity and changes to the O365 tenant
  • Unauthorized Delegate Access- Track when email delegates are added
  • Foreign Login– Monitor geolocation access with IP location sourcing and login from suspicious or unusual countries
  • Impossible Login- Detect logins from different geolocations within a short period of time
  • Suspicious Email Forward- Alert when email forwarding rules have been created outside of the domain
  • MFA removed- Detect changes to MFA
  • Failed or unauthorized access – Detect failed or suspicious access attempts

SKOUT Log Security Monitoring is a managed security product that collects, aggregates, and normalizes log data from hundreds of sources for AI-enabled analysis using SKOUT’s analytics platform, SIEM, threat intelligence, and 24/7 365 Security Operations Center. Identify threat-like behavior in your systems such as impossible logins, multi-factor bypass, coordinated attacks, and rogue agents.

Key Features:

  • Hundreds of Support Integrations
  • SIEM Analysis
  • AI Analytics Engine
  • Self-service Reporting
  • Deployment of physical or virtual appliance for on-prem logs (like syslog)
  • Supports key industry and regulatory compliance standards such as continuous monitoring and log retention
  • ROI on existing investments – Merge data from your existing security tools with multiple sources to provide greater visibility and re-use existing investment

3rd Party Violation

Anomalous Privilege Escalation

Cloud Infrastructure Attack

Compromised User Credentials

Unauthorized Access

Multi Vector Attack

Cases:

  • Unauthorized Access- Monitoring who is accessing devices and where they connect to, and alert when source or target is unknown or suspicious.
  • Compromised User Credentials- Log Monitoring can use behavioral analysis to detect anomalous behavior by users, indicating a compromise. For example, logins at unusual hours or at unusual frequency.
  • Anomalous Privilege Escalation – Log Monitoring can detect users changing or escalating privileges for critical systems.
  • Third-party violations – Monitors activity by external vendors and partners who have access to organizational systems, to identify anomalous behavior or escalation of privileges.
  • Multi-vector Attacks – Correlate data from multiple sources to get consolidated visibility of multiple attack

SKOUT Endpoint Protection is an endpoint-based malware detection and response (MDR) solution that detects and stops malicious files and processes (known as malware or ransomware) on Windows, Mac or Linux devices. Unlike traditional signature-based Anti-Virus, this product uses machine learning models to detect zero-day malware as well as known variants, fileless, script-based, memory, and external device-based attacks. It is backed by the SKOUT Security Operations Center to continuously monitor for major infections and to identify infection sources.

Key Features:

  • AI and behavioral-based
  • Automated blocking
  • Protection while offline
  • Zero-Day Prevention
  • Memory Exploitation Detection and Prevention
  • Script and Fileless Malware Detection
  • Easy deployment via SKOUT dashboard
  • Visibility to all managed endpoints in SKOUT Dashboard
  • Low memory and CPU footprint
  • Supports a variety of operating systems including Windows XP

Email Payloads

Fileless Attack

Malicious Scripts

Ransomware

Remote Worker Attack

Zero-Day Prevention

Cases:

  • Malware & Ransomware- Identifies and blocks malicious executables
  • Malicious Scripts- Controls the way scripts execute to prevent attacks, including PowerShell.
  • Fileless Attacks- Eliminating the ability for attackers to use fileless malware attack techniques on protected endpoints
  • Email Payloads- Preventing malicious email attachments from detonating their payloads
  • Remote Worker Attacks- Because the technology does not rely on signatures, there are no database updates. Even home workers receive all the benefits, without being connected to the internet or secure company networks.
  • APT & Zero day Prevention: Threat intelligence and constant machine learning modeling keep new variants of threats from being successful.

SKOUT Email Protection is a cloud-based email security product that detects business email compromise, spam, and phishing-type emails and attacks. The product catches malicious emails by utilizing computer vision, AI, and machine learning. SKOUT Email Protection is fully managed and provides you with the option to either inform your users of suspicious or malicious emails through an HTML banner or block them with quarantine features. Driven, curious, mobile, and growing smarter by the subject line, SKOUT Email Protection adds an important layer of protection to your inbox.

Key Features:

  • Detects VIP spoofing, brand forgery, and other attacks used in business email compromise and phishing
  • Provides user-friendly warnings by way of banners on malicious and suspicious email
  • Sanitizes embedded links to help protect users from potentially malicious websites
  • AI and Computer Vision models to catch evasion techniques
  • Easy “Report to SOC Button” for human analysis
  • Fast Deployment built into SKOUT dashboard

Home Attack

Malicious Files

Malicious Insider

Malicious Links

Phishing

VIP Impersonation

Cases:

  • Phishing, Zero-day phishing, and 3rd party brand impersonation- AI, machine learning, and computer vision identify patterns in text, image, and html to identify potential threats. The unique banner system allows for borderline threats to be flagged without compromising business functionality.
  • VIP Impersonation- Identifies attempts to impersonate VIPs via email spoofing, typo squatting, or other malicious tactics.
  • Malicious Files- Scans for malicious links, infected PDFs, and embedded code including scripts. Analyzes text within each email and attachment(s) to determine if sensitive words or phrases are used such as: password, invoice, payment, etc.
  • Malicious Links- All links in emails are sanitized using a sandboxed server. The user cannot access the link directly. They are brought to a landing page showing a screenshot.
  • Personal Device and Home Attacks- Attacks on personal devices are mitigated by conducting analysis on the server side and injecting the results into the email, completely removing the need for remote software such as dedicated email clients.
  • Malicious insider- Machine learning develops behavior profiles and social graphs that identify suspicious emails that don’t match a known profile, triggering an impersonation warning.

At SKOUT, we are committed to making cybersecurity accessible to all by enabling MSPs to deliver cybersecurity-as-a-service. COVID-19 (Coronavirus) is driving many organizations around the world to rapidly adopt a work-from-home policy. Business Email Compromise (BEC) and ransomware are the top two threats that MSPs and SMBs are facing in today’s cyber-landscape. To enable MSPs to rapidly respond to the changing landscape, SKOUT has designed a package specifically for companies with remote employees. Each product is backed by our 24/7/365 Security Operations Center and extensive technical and go-to-market support.

SKOUT ENDPOINT PROTECTION: SKOUT Endpoint Protection is an integrated threat prevention solution that utilizes our own streaming-data analytics platform. The product combines the power of AI to block malware infections with additional security controls that safeguard against script-based, fileless, memory, and external device-based attacks and is backed by our Security Operations Center.

SKOUT EMAIL PROTECTION: SKOUT Email Protection is a cloud-based email security product that blocks spam and phishing attacks. Our solution catches malicious emails by utilizing computer vision, AI and machine learning. Driven, curious, mobile, and growing smarter by the subject line, SKOUT Email Protection adds an important layer of protection to your inbox.

SKOUT O365 SECURITY MONITORING: SKOUT Office 365 Monitoring is a managed security product that collects, aggregates, and normalizes log data from Office 365 tenants using SKOUT’s analytics platform, SIEM, threat intelligence, and 24/7/365 Security Operations Center. Identify threat-like behavior in O365 like unauthorized access to cloud mailboxes, admin changes in the environment, impossible logins, mass file downloads, and brute force attacks.

Key Features:

  • Prevents and Detects Business Email Compromise
  • Blocks Ransomware
  • Powered by AI and Machine Learning
  • User-friendly
  • Rapid, Remote Deployment
  • SIEM Analysis
  • AI Analytics Engine
  • Self-Service Reporting
  • Satisfies Industry and Regulatory Compliance

Security Awareness Training:

  • Live interactive course presented by cybersecurity professionals to increase end users’ attentiveness to cyber attacks both in the office and while at home
  • End user training sessions on malware tactics
  • Healthy online usage techniques to further reduce risk, data breaches, and cyber infections.
  • Phishing and ransomware demos to help show just how easy it is for attackers to compromise an end user’s system and account.

Create a video that will provide a clear insight to end users explaining how they can improve their cyber hygiene. To do this, you can record a Zoom session and speak on the “5 Recommended Cyber Hygiene Steps for MSPs and SMBs.”

Recommended Cyber Hygiene for MSPs and SMBs

  1. Establish what you want to protect the most. The data and systems YOU care about
  2. Build concentric rings of security around that data
  3. You have to know if you have a problem, that’s WHY monitoring your network is ESSENTIAL
  4. You have to take response time down. It’s the difference between a problem getting public or not
  5. You have to pick a framework that covers People, Process and Technology. Point to the framework as a way to mitigate the risk (We believe NIST will become, like GAAP accounting, a standard even though it’s not perfect)

5 Steps talk track:

  1. You need to focus on the data and information on your network that is critical to the running of your business. What data, if stolen and made public, would hurt your brand and the overall viability of your business? Would this hurt your reputation? What intellectual property, if stolen and handed over to a competitor, would be detrimental to your business? Once you’ve identified this data… next, we recommend building concentric rings of security.
  2. We recommend building concentric rings of security around that data. We use the plural, rings, as in many instances it’s not enough to just use one solution, say, endpoint protection. If a criminal is savvy enough to get around one checkpoint, then that key data is at risk. Hackers can develop ways to get around one checkpoint.
  3. That’s why monitoring is key. You need to know if you have a problem. With network monitoring, we can see bad actors navigating around your network and gaining increased access. Monitoring provides our SOC team the ability to view your network 24/7/365 to stop any suspicious activity before it becomes a problem for you. If this occurs, we would be able to let DRP know so we can work together to remediate the situation.
  4. Back to time and reputation. Knowing you have a problem early on is the difference in something threatening your business and your reputation. What would the cost of not knowing be? The loss of data and a remediation bill after the fact are all facets you need to consider in bolstering your cyber posture. This is not a technology issue. This is a business protection issue, your business.
  5. We recommend using a Framework like NIST to prevent, detect and respond to cyber risks. The NIST framework mitigates risk by focusing on people, processes and technology. It puts in all the elements of cybersecurity that a small to medium sized business needs, all at a cost-effective price. If you follow the NIST guidelines, you can secure your network and you’ll be in compliance with requirements that may be applicable to your industry.

Key Metrics:

  • This year’s Cost of a Data Breach Report (2020), released by IBM, showed some consistency with last year’s (2019), with the cost remaining at $3.86M. (IBM)
  • The United States has the highest average cost per breach per country at $8.64M. (IBM)
  • The average time to identify and contain a data breach, or the “breach lifecycle,” was 280 days in 2020. Speed of containment can significantly impact breach costs, which can linger for years after the incident. (IBM)
  • On average, companies can save upwards of $1M by containing a breach in less than 200 days v. more than 200 days. Time is money. (IBM)
