CSOC – Ensure business continuity

CSOC - Cyber Security Operations Center

We remain vigilant so you don’t have to.

Loihde’s CSOC serves its customers around the clock every day of the year. The most important duty of the centre is to give peace of mind to customers and constantly develop the securing of the customer’s business activities. A combination of advanced technology and the top experts of their field ensures that our customers always know when something happens, typically when it has already been dealt with.

Our Cyber Security Operations Centre works in cooperation with our customers’ stakeholders so that, whenever a situation arises, we can carry out the most appropriate countermeasures.

Need-based solution

Not everybody needs everything that is available. Instead, the level of protection should always be scaled according to the goals and threat surface area. For many organisations, the most important benefits are already provided by small things and, when the operations grow, Loihde’s CSOC supports the path of transforming cyber security into a competitive advantage. A clear and goal-oriented roadmap is the way to success, also in the context of cyber security.

Log Management and SIEM

Log management makes it possible to determine what has happened and who has accessed the data retrospectively.

READ MORE

The service also allows for showing that the necessary monitoring measures have taken place and that the statutory obligations have been fulfilled (e.g., the EU General Data Protection Regulation). Safe storage of logs is important in order to protect confidential information. Logs of information security devices, network devices, servers and applications can be kept.

The service is used to produce a secure, expandable and high-performance log data management and storage service for the customer. The service makes it easier to access log data but also allows the customer to monitor and limit access to their log data. Centralised log data makes it possible to utilise data for various business needs, such as information security, financial or IT management or production, accounting and auditing.

SOC

The SOC (Security Operations Centre) is a pillar for information security monitoring and exceptional situations.

READ MORE

The SOC is a cyber security monitoring service that is active around the clock. When problems are identified as early as possible, anomalies can be responded to quickly and damages minimised.

A situation picture of the customer’s information security insight is generated through analyses, combinations and processing of information collected in the customer’s environment. Various tools used by our experts include log data and machine learning that allow for filtering the most important aspects from massive amounts of data on which our experts can then focus. The measures required to eliminate an information security threat are initiated immediately, in accordance with the process agreed upon with the customer.

Threat Intelligence

Defensive capability is based on information of the field of threats. The Threat Intelligence service is designed to provide you with the essential information related exactly to your activities.

READ MORE

Establishing a proactive cyber defence requires reliable, clear and comprehensive threat intelligence. Threats, vulnerabilities, targeted attacks and methods of attacks must be monitored in order to be able to make the correct strategic and operative cyber threat and risk management decisions. The Threat Intelligence service provides information on the status of various themes related to your industry or company from many sources of data, including the dark web.

A lot of information is available, but, in order to take advantage of it, the essential aspects must be determined and refined for the organisation. Our Threat Intelligence service determines, processes and refines the data to be used by the customer. Together with the CSOC Service, threats can be detected quickly and preventive measure can be taken to protect activities in a proactive manner.

OT–SCADA/ICS

Digitalisation has also had its effects on critical industrial and automation environments (OT–SCADA/ICS). New business, support and remote control processes have introduced new information security risks.

READ MORE

The environments that were previously very isolated are now increasingly networked with other information systems. Poor insight and new information security risks make the environments vulnerable.

Our critical industrial environment monitoring service puts your basics in order. The automated system/device inventory provides insight into devices and systems and their status. Passive monitoring makes it possible to monitor the behaviour of environments without interruptions. The CSOC monitors and reacts to information security threats and incidents. The solution can be scaled and applied to decentralised production environments and it also makes the monitoring and quality of information security more uniform. This provides more security to operations.

Endpoint Protection

Endpoint protection helps to identify and prevent threats at the level of the terminal device and not only after they have penetrated deeper into the organisation.

READ MORE

For attackers, terminal devices are commonly the most attractive way to access data and cause harm. Every day, organisations use a wider range of various applications that make it possible to work on a smartphone regardless of your location with the Wi-Fi of a fast food restaurant. On one hand, this makes it possible to verify that you have received an email or finished a document, and on the other, attackers gain a new way to access the organisation. When work is done in a hurry on the small screen of a smartphone, even the most vigilant users can easily fall victim to phishing, for example.
Our modern solution also takes into account the user and their privacy. It does not compromise the performance of the terminal device and only the required data that can also be anonymised, if necessary, are used in the information security analyses. When arranged properly, information security is not a limitation but an enabling factor that makes it possible to cut the tie between work and location.

Privileged Access Management

Our Privileged Access Management service allows you to keep track of who has accessed a digital system and when and what has been done.

READ MORE

Privileged Access Management is a service for secure management and monitoring of user IDs, access rights and sessions. The service provides reliable management of the user IDs and passwords of all digital systems. The Loihde CSOC – Cyber Security Operations Centre monitors in real time what is done with each user ID and by whom.

The service monitors and manages sessions, administrator IDs, approval processes, ensuring the secure use of IDs with privileged access. If, despite everything, something happens, a log of the chain of events makes it possible to analyse the events and what or who caused them.

The service provides ready-made good practices for monitoring and managing access privileges with an easy and quick introduction.

Comprehensive view of information security threats

In their online environments, companies and public administration constantly face complex and continuously developing information security threats. Information networks and systems are so complex that their secure monitoring can be difficult. Loihde Trust’s Cyber Security Operations Centre (CSOC) is the answer to the information security challenges of complex information technology environments, centralising the monitoring to a dedicated group of experts.

The Cyber Security Operations Centre keeps track of information security in real time, monitors the customers’ networks and detects and reacts to anomalies. It detects attacks that the human eye cannot notice.

The service uses both automatism and the extensive expertise of Loihde Trust’s experts. Our CSOC experts interpret and analyse even the most complex information security events, alert the customer of them and ensure that preventive measures are taken. The service maintains continuous awareness of the status and events of the information systems.

Our Customers

Ship design secured with a combination of artificial intelligence and human intervention

Deltamarin Group introduced Loihde Trust’s endpoint protection service combined with CSOC monitoring. The specialty of Deltamarin, who are active in Finland, Poland, China and Croatia, is ship design and various…

Loihde Trust providing the networks of Kuopion Energia with operational reliability

The first steps of cooperation between Loihde Trust and Kuopion Energia were taken in the early 2000s in the form of firewall administration. Around this cornerstone, more extensive cooperation started…

CSOC - Cyber Security Operations Center

We remain vigilant so you don’t have to.

Need-based solution

Log Management and SIEM

SOC

Threat Intelligence

OT–SCADA/ICS

Endpoint Protection

Privileged Access Management

Comprehensive view of information security threats

Our Customers

Ship design secured with a combination of artificial intelligence and human intervention

Loihde Trust providing the networks of Kuopion Energia with operational reliability

LOIHDE TRUST

CONTACT

LOIHDE Group