Craig, Author at Gradian Systems Ltd https://www.gradian.co.uk/author/craig/ Helping you succeed with your data protection strategy – Web, Mail, Endpoint and DLP Specialists. Fri, 08 Mar 2024 15:57:20 +0000 en-GB hourly 1 https://www.gradian.co.uk/wp-content/uploads/2021/07/cropped-gradian-favicon-32x32.png Craig, Author at Gradian Systems Ltd https://www.gradian.co.uk/author/craig/ 32 32 Gradian wins multiple awards in Broadcom’s Annual Cybersecurity Partnership Awards https://www.gradian.co.uk/news/gradian-wins-multiple-awards-in-broadcoms-annual-cybersecurity-partnership-awards/ https://www.gradian.co.uk/news/gradian-wins-multiple-awards-in-broadcoms-annual-cybersecurity-partnership-awards/#respond Fri, 08 Mar 2024 15:38:54 +0000 https://www.gradian.co.uk/?p=3316 The post Gradian wins multiple awards in Broadcom’s Annual Cybersecurity Partnership Awards appeared first on Gradian Systems Ltd.

]]>

We are delighted to announce that Broadcom has awarded Gradian two accolades in their 2023 Cybersecurity Partnership Awards.  This not only demonstrates our continued commitment, development and growth over the past 12 months but also emphasises our unwavering focus on excellence, innovation, and technical expertise within the cybersecurity domain.

For the first time, we have been awarded ‘Expert Advantage Consulting Services – Europe’ rubber-stamping the high level of expertise we provide to our ever-expanding range of clients across multiple industries.  Furthermore, this highlights the depth and breadth of the Symantec consultancy work we have undertaken throughout the course of the year.

For the second year running, we are thrilled to retain our ‘Technical Enablement – Europe’ award from 2022; having achieved more Symantec course qualifications than any other Partner in the whole of Europe.

Clive Gladwin, Senior Principal SE of Symantec Enterprise Division – Broadcom said: “The amazing team at Gradian continuously demonstrates the highest level of skills, not just with our superb portfolio of products, but also with our messaging and understanding the precise needs of customers.  On top of that, Gradian’s commitment to certification and Knighthoods are exemplary and these two awards recognise the tremendous work that they do to keep our joint customers safe and secure.”

Matt Elvin, Gradian’s Head of Technical Services commented: “We’re very proud to be chosen for these awards and were over the moon to discover that we’re the only organisation to win in both of our categories.  Whilst it’s great to win an award, it’s even harder to retain one; but really this is a happy by-product of the focus we place on our customers.  We work diligently to ensure they derive maximum value and satisfaction from every engagement with us.”

He continues: “Of course, this would not be possible without the commitment from every member of our Gradian team.  Their efforts relentlessly underpin Gradian’s purpose which is our belief that our customers have the right to successfully protect their data without this compromising their work/life balance.”

The post Gradian wins multiple awards in Broadcom’s Annual Cybersecurity Partnership Awards appeared first on Gradian Systems Ltd.

]]>
https://www.gradian.co.uk/news/gradian-wins-multiple-awards-in-broadcoms-annual-cybersecurity-partnership-awards/feed/ 0
Case Study – International Law Firm* https://www.gradian.co.uk/case-studies/case-study-international-law-firm/ https://www.gradian.co.uk/case-studies/case-study-international-law-firm/#respond Fri, 18 Aug 2023 15:44:17 +0000 https://www.gradian.co.uk/?p=3119 The post Case Study – International Law Firm* appeared first on Gradian Systems Ltd.

]]>
*Identity withheld for security reasons

Accelerating compliance with Gradian DLP-as-a-Service

The Business

This bold and distinctive International law firm is one of the largest law firms worldwide by global revenue, and employs over 2,000 lawyers. They are ranked by Thomson Reuters in the top 10 strongest global law firm brands.

We don’t need to be Forcepoint experts – Gradian is there for us; providing expert and responsive advice at every step,” says the CISO.  “Gradian understood our business use-cases, made valuable recommendations, worked with us on an implementation strategy, and now provide DLP-as-a-Service. They made sure we could crawl and walk before we could run.”

The Challenge

Data loss prevention (DLP) is a key priority for security leaders across industries, especially in the legal sector which deals every day with regulated data. Legal teams handle a significant amount of highly sensitive information, from medical and financial data to merger and acquisition information. Moreover, everyone in the organisation – from partners and paralegal teams to administrative staff – is responsible for the management of data.

DLP is now a “must-have”

“DLP is ‘table stakes’ for us,” says the law firm’s Chief Information Security Officer (CISO). “As the organisation evolves towards cloud applications and hybrid cloud environments, DLP has changed from a ‘nice-to-have’ to a ‘must-have’. Clients trust us with their data and we need to track its movement. DLP is also a balancing act. On the one hand, we need to prevent the loss or misuse of sensitive data. On the other, we must simultaneously maintain open communications with our clients.”

Until recently, the organisation relied on a legacy DLP platform which, according to their CISO, needed replacing. “The platform was effective, but we needed to refresh our approach. We needed a more mature, flexible DLP solution to improve credible alerting and meet client expectations.”

The CISO and his team had two options: operate and maintain a modern DLP platform in-house, or turn to a trusted managed provider to implement and support the solution. “DLP is more strategy than product, so success depends on methodology and execution,” he stated.

The Solution

“Forcepoint offers a top-tier platform to manage the acceptable movement of information based on people’s behaviour. We benefit from visibility and control about how data is handled, irrespective of people’s location,” claimed the CISO.

Gradian led the firm to study Forcepoint. “It’s rare for us to outsource IT support. However, the Gradian team were impressive during the selection phase. We were confident we could trust Gradian to provide insight and guidance in support of our DLP strategy,” he said.

The law firm has standardised on Gradian’s DLP-as-a-Service, powered by Forcepoint, to provide enterprise protection. The approach simplifies compliance whilst protecting both the client and the organisations’ own sensitive data.

The Result

DLP can be a ‘noisy’ environment, with regular alerts on incidents that turn out to be false positives. That’s not the case with DLP-as-a-Service, which is tuned to specific client and firm risks – diminishing false positives and automating the response to other lowgrade alerts. “We didn’t want our Security Operations Centre (SOC) to be overwhelmed with false positive alerts. Gradian understood our requirements and worked with us to tailor the security configuration accordingly.” This client-focused DLP strategy has become a talking point during client meetings. “We can demonstrate to clients how their critical data is transmitted. The clients welcome this trust and transparency – and we have Gradian to thank for that.” Their CISO concludes, “Gradian is one of our trusted partners. Everything about DLP-as-a-Service – the underlying Forcepoint technology, the implementation, and the ongoing management – are highly professional. We’re confident to trust Gradian to help maintain this critical security tool.”

Challenge

Until recently, the organisation relied on a legacy DLP platform which, according to their CISO, needed replacing.  The CISO and his team had two options: operate and maintain a modern DLP platform in-house, or turn to a trusted managed provider to implement and support the solution.

Solution

The law firm has standardised on Gradian’s DLP-as-a-Service, powered by Forcepoint, to provide enterprise protection. The approach simplifies compliance whilst protecting client and the firms’ own sensitive data.

Results

Gradian is now trusted to manage the DLP estate across more than 7,500 endpoints and the server estate worldwide.

The post Case Study – International Law Firm* appeared first on Gradian Systems Ltd.

]]>
https://www.gradian.co.uk/case-studies/case-study-international-law-firm/feed/ 0
Navigating the Journey to ISO 27001:2022 Compliance https://www.gradian.co.uk/blog/navigating-the-journey-to-iso-270012022-compliance/ https://www.gradian.co.uk/blog/navigating-the-journey-to-iso-270012022-compliance/#respond Tue, 18 Jul 2023 14:20:25 +0000 https://www.gradian.co.uk/?p=3000 The post Navigating the Journey to ISO 27001:2022 Compliance appeared first on Gradian Systems Ltd.

]]>

Written by Jacob Woodfield – DLP Practice Lead at Gradian | Jul 13, 2023

In October 2022 the International Organisation for Standardisation (ISO) revised the ISO 27001 standard, making Data Loss Prevention (DLP) an integral part of the framework.

In a nutshell, this means that to attain or retain certification, you must have DLP deployed within your organisation by the 31st October 2025.

Read on to understand more about what DLP is, and how Gradian can help meet the requirements.

What is DLP?

DLP toolsets are configured to identify regulated, confidential, and business-critical data; these identifications are typically driven by regulatory compliance such as GDPR, HIPAA, or PCI-DSS but can be driven by Intellectual Property and other bespoke requirements. Examples include looking for specific keywords or patterns (such as a Regular Expression) or content similarity for your sensitive document templates.

Once those violations are identified, DLP can be utilised to enforce alerting, encryption, user-education, blocking and other preventative/protective actions and more to mitigate, and in some cases negate, the risk to end users from accidentally or maliciously sharing data that shouldn’t be shared.

Furthermore, DLP can build upon existing Data Classification toolsets, integrate with Web Proxies, Firewalls and CASBs. DLP can even be expanded to utilise UEBA technology and enforce stronger measures on users who are exhibiting potentially compromised behaviours.

DLP: The New Cornerstone of ISO 27001:2022

In an era of exponential data growth, DLP has evolved from being a reactive measure to a proactive necessity. Whilst the ISO 27001 standard has always mandated measures for information security, the 2022 revision has specifically called out DLP. As a result, ISO 27001:2022 is the manifestation of the global understanding of DLP’s indispensability in achieving a secure data environment.

The successful implementation of a DLP toolset aligns your organisation with the ISO 27001:2022 standard, showcases your commitment to data security, and instils trust among stakeholders. Therefore, an effective DLP policy forms the crux of the ISO 27001:2022 certification narrative.

Gradian’s role in your compliance journey

We understand the challenges organisations face in embarking on a successful DLP journey. That’s where our expertise and hand-picked best-in-class toolsets come into play.

Expert Consultation and Customisation

Our industry-leading security experts understand the nuances of an effective DLP policy. We customise our approach to your unique security needs, developing a tailored DLP solution that aligns with ISO 27001:2022.

We Listen. We work to understand what data you hold which needs protecting and we tune policies using our Crawl > Walk > Run approach to ensure the all-important balance between productively and security is met.

We also work with Policy Tuning across all DLP toolsets; so even if your toolsets are deployed already, we can work as an extension of your internal teams to ensure you are gaining the best ROI from them possible.

Technological Partnerships

Our strategic partnerships with best-in-class technology vendors enable us to leverage cutting-edge solutions for data protection. All partnerships with our vendors are fully vetted and explored before we put their name against ours. We deconstruct the technology and stress-test it to ensure it is enterprise ready and valuable. This process ensures that we are not only industry-leading experts in all technologies we recommend, but that the technologies are of a platinum standard for our clients.

Continuous Support and Training

Compliance isn’t a one-time accomplishment. It’s an ongoing endeavour, requiring regular updates and monitoring. Gradian provides continuous support to help you stay abreast of the evolving security landscape. Additionally, we offer training programs to empower you in effectively handling data loss incidents and reporting as well as maintaining toolsets internally.

Managed Services

If maintaining DLP toolsets sounds like a daunting task, we can provide our DLP-as-a-Service to you, which will help keep your mind at ease when it comes to things like troubleshooting, upgrading or even understanding how you can get that complex DLP policy just right. Working as an extension of your internal IT Security team, we ensure you always have decades of rich DLP-centric experience on hand.

The story of ISO 27001:2022 certification is one of a proactive commitment to data security, with DLP at its heart. In this narrative, Gradian serves as a guide, empowering you with the tools and expertise needed to navigate the complex terrain of data security and compliance.

Partner with us and let’s create a secure future for your data together.  The first step is to claim your FREE workshop or get in touch to see how else we can help you.

The post Navigating the Journey to ISO 27001:2022 Compliance appeared first on Gradian Systems Ltd.

]]>
DUP – It’s child’s play! https://www.gradian.co.uk/blog/dup-its-childs-play/ Fri, 16 Dec 2022 17:08:33 +0000 https://www.gradian.co.uk/?p=2301 The post DUP – It’s child’s play! appeared first on Gradian Systems Ltd.

]]>

DUP – It’s child’s play!

DUP… It’s easy as 1,2 3!

Okay, that wasn’t my best line, but I hope it served its limited purpose of grabbing your attention.

 

Over the span of my career, I have seen toolsets come and go in our industry which promise astonishing things. Very rarely, can they deliver on some increasingly bold claims. When Forcepoint unveiled their Dynamic User Protection (DUP) as a SAAS offering, I wasn’t convinced it would be as simple as they claimed. Anyone following the world of Forcepoint can tell you that the UEBA on which DUP is based, is not a simple toolset to deploy. It requires comical levels of hardware and extremely qualified Professional Services (PS) to deploy. It’s in fact so complex, it could not be sold to clients without mandatory Forcepoint PS.

 

So when we at Gradian were lucky enough to get our hands on it towards the start of this year, I cleared out an afternoon, grabbed a coffee, logged into my portal and got cracking on deploying it within my lab. I knew it would be simple, but grossly overestimated the time I would need. Here’s what happened in my lab environment:

 

  1. Logged into portal
  2. Downloaded the NEO Agent following a pop-up telling me to (my first time login)
  3. Copied the agent to my lab machine (also running Forcepoint ONE Endpoint)
  4. Checked the status in my DUP Tenant to see “Installing” as the status for my lab machine
  5. Rebooted my lab machine and saw the client report into my tenant

 

And that was it. My coffee was still hot and my afternoon was suddenly free. The NEO Agent communicates with my ONE Agent locally. The ONE Agent feeds all relevant information back to my Forcepoint Security Manager and the NEO agent autonomously updates in the background.

 

Obviously there are more considerations for an enterprise deployment, such as testing, change requests and pushing the agent to all users, but the takeaway here is that the deployment process really is that simple.

The post DUP – It’s child’s play! appeared first on Gradian Systems Ltd.

]]>
The next big leap in DLP. https://www.gradian.co.uk/blog/dlp-backdoor/ Sun, 20 Nov 2022 15:21:09 +0000 https://www.gradian.co.uk/?p=2279 The post The next big leap in DLP. appeared first on Gradian Systems Ltd.

]]>

Could this be the end of using backdoors as a solution?

Written by Jacob Woodfield | Oct 28, 2021

 

Introduction DLP

Data Loss Prevention has been a fundamental in Enterprise level Cyber Security for almost 30 years. In that time, we have witnessed the advancement of countless tools to enhance our ability to both detect and act on potential data breaches. Some of these are extremely niche in their ability, such as machine learning. Most however, are now relied on heavily by organisational strategies – Browser level inspection, Optical Character Recognition, Cloud-Based API integration for online storage solutions; all of these and more provide enhanced protection and control of sensitive information.

In the past ten years, we’ve seen the rise of Data Classification, CASBs and GDPR. Data Loss Protection is no longer the elephant in the room which we awkwardly skirt around from fear of project implementation time or costs – DLP is now a foundation for any mature security posture with even non-DLP specialist tools providing some level of DLP integration.

The issue is however that DLP has remained overall very static in its approach since its inception in the 90s. Requiring a specific reaction to a specific action. If you wish to protect credit card numbers for example, you have granularity in defining how many unique matches must trigger, where they can go without impedance and where they absolutely must not be sent, you have granularity in who is allowed to send this and who is not, but this is a manual process requiring knowledge and understanding of your individual users.

 

Backdoors

Very often I will be working with an organisation who wish to protect specific, potentially damaging information. I will meet with data owners and security personnel, to be told that X business unit can send this to Y location externally as part of an approved business processes. There are multiple technical aspects of allowing such nuances to happen, but broadly speaking, we will be tasked with creating “back doors” for specific users. This is an extremely common practice and almost every organisation will implement it in some form – be it the CEO whitelisted from all policies (which despite extremely impassioned protests, does still happen), an entire business unit allowed to write anything they want to USB drives… the list is extensive.

 

The Issue

What these back doors do not account for however is the security of the individuals we are creating them for. Taking our (admittedly extreme) CEO example, what would happen if the CEO’s account were compromised? The organisation now sits with a compromised account leaking sensitive information with tools purchased, implemented and configured specifically set-up to ignore this account. Even if the organisation still allowed for DLP to create an audit of all sensitive data exfiltrated, it is still too late – this data has left the span of control of the organisation.

 

Is there a Solution?

So, what is the solution? If it were as simple as convincing companies not to allow back doors, this entire blog post would be moot. We could implement drip DLP and start triggering blocking enforcement after a specific threshold is met, but that still allows data to leave, and it still doesn’t account for organisations who wish to whitelist all activities over a specific channel. It’s an issue which requires static policies to be configured for dynamic variables – users.

The solution then, must be something automated which can change our static policies depending on the current variable.

This is where User Engine Behaviour Analytics (UEBA) comes in.

Working in the background, UEBA toolsets use tens of thousands of indicators of behaviour (IOB) to run complex algorithms and output a human-readable risk score. This risk score is assigned to each user in the organisation to highlight if a user is acting suspiciously. This could be in reference to spending more time on LinkedIn and sending out CVs, logging in at uncharacteristic hours, sending more emails externally… everything is logged, fed into the UEBA and analysed.

Of course, historically a UEBA has come with extremely complex and unique deployment challenges, requiring gargantuan hardware resources and dedicated teams to keep things running smoothly. With the rise of cloud computing and SAAS offerings however, UEBA is becoming more approachable every year.

 

Then there is the issue that UEBA has no real integration to DLP. I’ve had multiple client meetings where I’ve been asked if the UEBA toolset costing substantial time and resources can be leveraged into a DLP solution. Though the answer is yes, it comes with significant caveats. User scores would need to be manually checked and DLP policies would need to be manually refined with these scores in mind. Several years ago, I was working with a large manufacturing enterprise who had a “Leaver’s Policy”. This required a resource to manually check the UEBA service each morning and then update the AD records of users in this policy so that high flight risk users were being inspected much more closely. Not only was this a huge time-sink, it also created extreme levels of incident generation and a 99.9% false positive rate.

 

Could this be it?!

This is why Forcepoint’s latest innovation, Dynamic User Protection (DUP) is so exciting. Providing a SAAS based UEBA, the toolset integrates quickly and seamlessly into Forcepoint’s DLP solution. This allows for policies to be created which apply an action on a user’s individual risk score. For example, a user with a low-risk score could be allowed to send confidential data without impedance. When that risk score creeps up, we can configure DLP to perform more restrictive actions, such as requiring user interaction in the form of pop-up warnings, to quarantining emails, all the way up to blocking the transaction entirely and autonomously emailing the user’s manager.

The time has come for DLP to be more intelligent, and Forcepoint’s DUP is leading the charge on this. Without the need for complex management of the UEBA solution or the hardware to run it on and with the benefits of seamless, automated integration with DLP, the possibilities of allowing users to perform their usual activities without the need for security back doors just broadened extensively.

If you want to know more about DUP you might be interested in our other blog post – DUP it’s Childs Play

 

The post The next big leap in DLP. appeared first on Gradian Systems Ltd.

]]>