Cyber Defence

Cyberattacks are among the most critical business risks today and pose a growing threat. Operational disruptions caused by system failures, data loss, or data encryption can result in significant financial losses, additional costs, and reputational damage. Cybercrime has evolved into a lucrative business in recent years, as attackers act anonymously and operate regardless of location.

According to the National Cyber Security Center (NCSC), the number of reported cyber incidents in Switzerland alone has at least doubled in recent years. Today, it is only a matter of time before a company becomes the target of a cyberattack; the question is whether the company is well prepared for it. In addition, legislators and regulatory authorities are constantly tightening information security requirements. In this environment, EveryWare offers Cyber Defense Services as a complement to our proven Managed IT Services and Infrastructure Security Services to provide companies with optimal protection against cyberattacks.

Vulnerability Management

Proactive Protection: Vulnerability Identification, Assessment, and Recommended Actions

Improve the security of your IT infrastructure by proactively identifying and remediating vulnerabilities. Our Vulnerability Management offers you a structured, professional approach to protecting your company against potential attacks.

  • Identifying attack opportunities: Every part of your IT infrastructure, whether operating systems, middleware, applications, or firmware, can contain potential weaknesses and thus be compromised. These weaknesses, also referred to as vulnerabilities, can be used by attackers as an entry point to penetrate or endanger your IT infrastructure.
  • Structured vulnerability detection: To detect vulnerabilities in your IT infrastructure, vulnerability scans are performed. These scans check the IT infrastructure, including servers, firewalls, and other components in the datacenter, for known vulnerabilities. Vulnerability detection is carried out by security experts, penetration testers, or following a security incident.
  • Efficient vulnerability remediation: EveryWare analyzes and assesses these vulnerabilities together with the operations team in the context of the IT infrastructure and produces a regular vulnerability report with concrete recommended actions. The assessments and measures, as well as their implementation, are discussed and defined jointly with the customer.

Security Operations

Security Operations Center: Early Detection and Defense Against Cyberattacks

Cybersecurity monitoring is the ideal complement to infrastructure security services and vulnerability management. Our dedicated, trained security experts operate a structured cybersecurity monitoring program from the Security Operations Center (SOC). Security-related information is collected from a wide variety of sources, stored independently, and analyzed to identify potential attacks and attack patterns. Based on playbooks, or in consultation with the customer and the operations teams, we implement measures to contain or mitigate an attack.

Endpoint Detection & Response Service (EDR as a Service)

IT attacks often occur via endpoints (clients, servers) and exploit vulnerabilities, phishing, or malware, for example, to gain access to IT infrastructures. Our EDR service detects and blocks these attacks by monitoring endpoints in real time and responding to suspicious behavior. Our experts analyze this behavior and are familiar with common attack patterns, enabling them to respond proactively. Conventional security settings and tools (e.g., network firewalls, antivirus software), on the other hand, are usually unable to detect a sophisticated attack.

  • Effective protection against IT attacks on endpoints everywhere (clients and servers).
  • Early detection and blocking of attacks and malware.
  • Continuous, real-time monitoring of endpoints against sophisticated attacks.
  • Highly available cybersecurity platform in the SOC.
  • Experts in the SOC analyze alerts and take targeted measures in consultation with customers and the operations team.

Extended Detection & Response Service (SIEM as a Service)

The Extended Detection & Response Service also covers attacks on service components that cannot be detected by Endpoint Detection and Response (EDR) alone. EDR enables the early detection and mitigation of many attacks. However, some attacks are so sophisticated that they evade EDR, or they target vulnerabilities in service components not covered by EDR (e.g., switches, firewalls, software appliances, application vulnerabilities, etc.). Our Extended Detection & Response Service centrally collects, correlates, and analyzes information from various sources in a “Security Information and Event Management” (SIEM) system. This enables comprehensive threat detection and response.

  • Real-time collection and analysis of information from various sources, centralized in a SIEM system.
  • Operation of a highly available SIEM infrastructure within our EveryWare Datacenter.
  • Audit-proof storage of security-related logs for 18 months to meet your compliance requirements.
  • Analysis of alerts by our SOC team. Implementation of necessary defensive measures in coordination with customers and operations teams.

Compliance Reporting as a Service

We help customers meet their compliance requirements, particularly with regard to security policies and legal regulations. Customers in regulated industries are required to regularly document and provide evidence of changes to their IT infrastructure, such as login attempts, user modifications, and authorization changes. Using our "Security Information and Event Management" (SIEM) system, we generate reports on relevant security events and activities.

  • Documentation and evidence of changes to the IT infrastructure.
  • Security-related log data is collected centrally and retained in an audit-proof manner for 18 months.
  • Provision of standardized reports and real-time alerts.
  • Development of customer-specific reports according to individual requirements.

Incident Response & Forensics

In the Event of a Crisis: Guaranteed Access to Cybersecurity Experts

Infrastructure Security Services, Vulnerability Management, and Security Operations Services provide a very high level of protection against cyberattacks. Nevertheless, a security incident can occur and cause significant damage. In such a situation, it is advantageous to have security specialists available to you with a guaranteed response time. Through an Incident Response & Forensics Agreement (IRFA), you gain access to such specialists, with response and intervention times guaranteed in the event of a crisis.

Of course, the guaranteed availability of cybersecurity experts during a crisis is “a must.” However, it is important that collaboration with these specialists extends beyond times of crisis. A proactive approach to cybersecurity—including regular audits, training, and security assessments—helps prevent potential security incidents and detect them early.

Readiness and Consulting Services

Security awareness training, phishing simulations, penetration tests, or topic-specific consulting

Use security awareness training, phishing simulations, penetration tests, or topic-specific consulting to proactively counter attacks. EveryWare provides you with advanced readiness and consulting services as needed, including penetration testing, architecture and security reviews, security awareness training, periodic phishing simulations, and specific consulting services—for example, in the areas of cloud governance and technical measures to protect data in public clouds.