know that the SOC-as-a-service is primed to jump into the battle with remediation and response the second something is detected. Miller pointed to a recent example, where a client experienced a successful phish. “It happened in seconds,” he said. “The person clicked on the link, gave up credentials and the account was compromised.” Within moments, BitLyft’s security systems killed the account that was being used by that person in order to stop further bad behavior or data loss. But the SOC-as-a- Service was also able to find out who else in the organization had received a similar e-mail — or was about to — and plucked them from inboxes.
5) Be selective about the work.
shore up their most vulnerable spots as quickly as possible.” And in the meantime, “We’ll make sure we’re monitoring and detecting that higher risk until it’s more secure.”
BitLyft
Illuminating and eliminating cyberthreats for a safer world
Don’t just react to threats. Our BitLyft AIR Platform is a fully integrative and proactive approach to cybersecurity. We’re building
a community of cybersecurity advocates through education, insights, and advanced tools. Join our community and learn more at www.bitlyft.com
A legitimate SOC-as-a-Service vendor will turn down an institution’s request to perform a risk assessment. “It would be a conflict of interest for the incident response company to also perform the risk assessment,” said Miller. “If we were checking ourselves with the risk assessment, what are the chances we’d want to tell you that we’ve failed you?” Miller is a firm believer that the initial risk assessment should always be done by another company altogether, in order to provide what he called “clean lines in the sand”: “You’re checking me, and I’m protecting the client, and you’re making sure that I’m doing a good job of protecting the client.”
That isn’t to say that the SOC vendor shouldn’t see the results of the risk assessment. Armed with that information, Miller added, “We can work with the client to