Cipher’s xMDR platform: Prosegur offers clients the best protection from the cybersecurity

Cybercrime has hit the security industry hard over recent years, creating what some analysts have described as a perfect storm. Using tactics, techniques and procedures (TTPs, a key concept), criminal gangs are able to plan sophisticated data theft and extortion. Cipher, the cybersecurity division of Prosegur, reports the existence of some 800 active ransomware campaigns worldwide. Faced with this proliferation of threats, companies have been forced to implement more software, more solutions and more devices from multiple vendors. The result is security fragmentation and incomplete visibility of their technological infrastructure, which exposes them to greater cyber risks.


 

Carlos A. Fernández, Senior Global Vice President of xMDR at Cipher, points out that this increased range of threats, coupled with the lack of consistency between technologies, generates a "tsunami of alerts," with thousands daily, the overwhelming majority of which turn out to be false. Fragmented architecture also hampers the responsiveness of the defense system, which struggles to generate precise rules to detect suspicious behavior or completed attacks. In addition, the growing scarcity of digital talent, especially in the cybersecurity field, further exacerbates this perfect storm battering organizations.

 

Doing the same thing to get similar results?   

In response to this challenging landscape, Cipher Labs, the company's specialized threat research and cyber intelligence division, asked itself a key question: does it make sense to keep doing the same thing and expect different results? The answer was clear: no. It was necessary to raise the stakes and the value proposition. Thus was born a pioneering solution, "100% developed by Cipher and unique in the market, which addresses all the elements of this storm: visibility, fragmentation and a lack of talent."

Fernández illustrates this change of vision with a powerful metaphor. While traditional platforms focus on the attack of an armed criminal, "xMDR goes further and follows the chain all the way to the arms supplier or manufacturer." This detailed knowledge of how contemporary cybercrime operates makes it possible to generate much more precise and effective rules.

The xMDR model is based on digital adversary profiling. Cipher Labs applies three layers of intelligence to track TTPs, trends, campaigns and vulnerabilities: human, artificial and prospective. Based on an individual company's profile and the TTPs used against it and its industry, the team generates a battery of rules to neutralize known attacks, which account for 90% of the total. Cipher Labs and the platform use simulation scenarios, replaying the attacks to analyze the TTPs, generate reliable telemetry and refine the rules, of which there are now more than 6,000 in use.

xMDR takes action based on these customized rules. Its Smart Alert Processing engine monitors a client’s technology (antivirus, firewalls, repositories...) both reactively, through its own rules, and proactively, through those generated by the cognitive engine, which identifies incidents, refines previous rules and generates new ones based on incidents. This allows the system to anticipate a defense, since the attack chains repeat previously executed TTPs.
 

 

xMDR: a new standard for traditional SOCs

xMDR is a preventive platform that offers Security Operations Centers differential advantages compared to existing market solutions, supported by customer feedback. Among the features that set it apart are its ability to speak the "metalanguage" of any technology and vendor, its neutrality and independence from previous architecture, its coverage of the entire perimeter and its immediate implementation thanks to its cloud architecture. 

In addition, its automated operation using artificial intelligence and machine learning makes up for the shortage of skilled professionals in the field of cybersecurity. The modularity of the platform also offers flexibility to the customer, who can choose to contract just the platform, or to add the xMDR service in order to deal with 100% of the alerts, with Cipher's team of experts managing the lifecycle of deployment, execution and response individually for each customer.

A real use case shows the impact of xMDR. Approximately 500 rules generated for one customer in one week filtered out 12,000 alerts, discarding 99% of noise and detecting only 120 real incidents.
 


 

The effectiveness of xMDR is evident both in the daily work and in the quality of service agreements. Fernández explains that it has been possible to profile a company in just half an hour and assign around 450 rules the same day, an impossible feat for traditional implementations that require months. “When customers see xMDR in action, witnessing its efficiency and speed of response, they are amazed,” says Fernández.

In short, Cipher's xMDR, backed by Prosegur, is the only solution to meet the challenges of cybersecurity. Its innovative approach, its ability to adapt to a client’s specific technological needs and its proven effectiveness make it the definitive choice for organizations looking for comprehensive protection from the perfect storm out there that is battering the competition. Backed by Prosegur's trust, experience and reputation, xMDR is now positioned as a unique solution in the market.