Quann: Delivering Comprehensive Cybersecurity Services
With data becoming evermore valuable and newer technologies like IoT entering the game, advanced cybersecurity is today an imperative. However, present cybersecurity models have a serious flaw: They are far too technology- and infrastructure-centric. On the flipside, cybersecurity needs to holistically and coherently cover end-to-end aspects, from pre-incident, during an incident, and post-incident. This should include the design of security architecture, skills, and experience of cybersecurity professionals, and round-the-clock monitoring. “Security is only as effective as the weakest link. Organizations need to approach cybersecurity holistically rather than focusing on individual products or devices,” says Foo Siang-tse, Managing Director of Quann. His comment points toward the trend of product-centric security purchasing in the APAC region where an average enterprise may have as many as 32 different security vendors operating in its environment. In addition to confusion created due to differing and contradicting advice and recommendations, this also results in redundant purchases and unoptimized devices.
In such scenarios, Quann plays the role of a trusted advisor extending a brand agnostic outcome-driven service delivery model. Its Cybersecurity Posture assessment tool provides a comprehensive assessment for determining an enterprise’s current cybersecurity posture and systematic recommendations to enhance it progressively.
Supporting the company’s cybersecurity strategy are its four main pillars. The first, Quann Consult assesses the effectiveness of a security set-up, from architecture and policies to the vulnerabilities that exist in the system. Then Quann Empower evaluates and trains everyone in the organization, from the CISO and his/her cybersecurity team to non-IT employees, about security awareness and cyber threats. The third pillar is called the QuannProtect which monitors the organization’s network, both on the perimeter and within, round-the-clock through the company’s in-country next-generation intelligence and analytics-driven security operations centers (SOCs). The last pillar, Quann Rescue provides mitigation capabilities to contain threats, speed up service recovery, and prevent attacks from recurring. “These pillars are the four vital aspects of security that are essential for any organization. And we architect them in a closed feedback loop which strengthens the entire process.”
Regarding cybersecurity, many companies prefer managing underlying processes and SOCs over relying on managed security service providers (MSSPs). While that approach is favorable in many ways, the global talent crunch (especially of professionals with more than ten years of experience) can make it an uphill task for those who want to adopt this self-reliant cybersecurity model. To better gauge the talent shortage, consider this: In 2016 only two percent of the 198,200 ICT workers in Singapore were considered IT security specialists. “But with over 300 highly skilled security professionals, we possess the economies of scale that individual organizational SOCs do not have.” Additionally, being one of the largest MSSPs in APAC, Quann monitors multiple enterprises’ networks. This provides the firm with a large threat intelligence pipeline and diverse knowledge of threats across verticals that enhances correlation and identification of threats.
Quann is presently developing its next-generation big data analytics-driven security operations platform. It will have multi-sourced and actionable threat intelligence for strategic planning and tactical execution, deep automation and orchestration for speed and precision, along with human-augmented security decision-making process to manage large amounts of logs and tickets. These advanced technologies serve to augment the skill and expertise of the cyber security professionals. After all, cybersecurity is an art and science.