While the name nor the idea are original, we have yet to see the actual solution to the issue. The issue I refer to is the fact that small and medium-sized businesses are out in the cold when it comes to cyber security monitoring and hardening.
Every security operations center (SOC) or security as a service (SaaS - the other one) offering starts at a price point that alienates businesses that operate on a smaller scale. This is where enterprise security forgets that we are only as strong as our weakest link, so they implement a warmed over review of contractor and sub-contractor security, which are usually smaller businesses. These smaller companies suffer in the face of questions related to periodic penetration tests, firewalls and intrusion detection on internet connections, internet connection monitoring, or even ISMS certification.
The knee-jerk reaction for most businesses is to obtain ISMS certification, because for most vendor review questionnaires it fulfills most of the requirements.
Here’s the sad part, most hacking groups know which small businesses contract with which enterprise businesses, hence, target the weakest link. Hacking groups - criminal, nation-state, or hactivism - do not stop the moment they hear all of our policies are in order. They do not stop because they see a privacy label or some other certification on a web site. Hacking groups only stop when they are proactively prevented from accessing a network. Period. There is no other solution.
That is where SOCinaBox comes in to offer a solution to security breaches among small business at practically epidemic proportions. Your typical Japan small business setup is shown in the diagram below:
While most businesses are not offering mail services or web services from their office internet connection, many do not change the ONU (which can double as a router) password, nor bother to change anything on the NEC wireless router that comes with the most recent PPPoE service offered. I also suspect that this is not limited to Japan, but that is where SysRisk primarily operates.
The SOCinaBox solution offers the following at an affordable price for small and medium-sized businesses:
This solution is not a black box solution, but a service with a setup cost where SysRisk comes in and hardens the ONU, hardens the ISP router, installs a passive network tap, installs an intrusion detection system (IDS), then installs a firewall. The firewall and IDS are then connected to a virtual private network (VPN) and managed by SysRisk for a nominal fee.
Setup cost is about 120,000 JP Yen (or $1000), based on standard NTT setup outlined above, and a monthly monitoring cost of 6,000 JP Yen (or $50). The IDS on the tap will not prevent the network from working if taken down, since most hackers target that first.
If you have any questions about this service, please contact us at this link.